
UNIX File Permission


The default file permissions (umask):

Each user has a default set of permissions which apply to all files created by that user, unless the software explicitly sets something else. This is often called the 'umask', after the command used to change it. The value is either inherited from the login process, or set in the .cshrc or .login file which configures an individual account, or the umask command can be run manually.

Typically the default configuration is equivalent to typing 'umask 22' which produces permissions of:

-rw-r--r-- for regular files, or
drwxr-xr-x for directories.

In other words, the user has full access, and everyone else (group and other) has read access to files and lookup access to directories.

When working with group-access files and directories, it is common to use 'umask 2' which produces permissions of:

-rw-rw-r-- for regular files, or
drwxrwxr-x for directories.

For private work, use 'umask 77' which produces permissions:

-rw------- for regular files, or
drwx------ for directories.

The logic behind the number given to umask is not intuitive.
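The rule behind the number, as an added example (not part of the original post): each bit set in the mask is cleared from the mode a program requests when it creates something. The script assumes the usual requested modes of 666 for a file created by shell redirection and 777 for `mkdir`; the function names are made up for this illustration.

```shell
#!/bin/sh
# Added example: what a umask value does to newly created files and directories.
# Bits set in the mask are cleared from the mode requested at creation time:
# 666 (rw-rw-rw-) for a file made by redirection, 777 (rwxrwxrwx) for mkdir.

# perms_under_umask MASK  -> prints "<file perms> <dir perms>"
perms_under_umask() (
    # The body runs in a subshell, so the caller's umask is left unchanged.
    tmp=$(mktemp -d) || exit 1
    umask "$1"
    : > "$tmp/f"                          # file requested with mode 666
    mkdir "$tmp/d"                        # directory requested with mode 777
    f=$(ls -ld "$tmp/f" | cut -c1-10)     # keep only the permission string
    d=$(ls -ld "$tmp/d" | cut -c1-10)
    rm -rf "$tmp"
    printf '%s %s\n' "$f" "$d"
)

# expected_mode BASE MASK  -> octal BASE with the MASK bits cleared
expected_mode() {
    printf '%03o\n' $(( 0$1 & ~0$2 ))
}

# The three masks discussed in the text: predicted octal mode, then what
# the system actually produced.
for m in 22 2 77; do
    printf 'umask %-3s file %s  dir %s  ->  %s\n' "$m" \
        "$(expected_mode 666 "$m")" "$(expected_mode 777 "$m")" \
        "$(perms_under_umask "$m")"
done
```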

The command to change the permission flags is "chmod". Only the owner of a file can change its permissions.

The command to change the group of a file is "chgrp". Only the owner of a file can change its group, and can only change it to a group of which he is a member.

 

WARNINGS:

Putting 'umask 2' into a startup file (.login or .cshrc) will make these settings apply to everything you do unless manually changed. This can lead to giving group access to files such as saved email in your home directory, which is generally not desirable.

 

Making a file group read/write without checking what its group is can lead to accidentally giving access to almost everyone on the system. Normally all users are members of some default group such as "users", as well as being members of specific project-oriented groups. Don't give group access to "users" when you intended some other group.

 

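Remember that to read a file, you need execute access to the directory it is in AND read access to the file itself. To write a file, you need execute access to the directory AND write access to the file. To create new files or delete files, you need write access to the directory. You also need execute access to all parent directories back to the root. Group access will break if a parent directory is made completely private.

Reading a file requires: read permission on the file + execute permission on the file's directory (including execute permission on all parent directories)

Writing a file requires: write permission on the file + execute permission on the file's directory (including execute permission on all parent directories)

Creating/deleting a file requires: write permission on the file's directory (including execute permission on all parent directories)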
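A way to check the parent-directory rule before relying on group access, as an added example (not part of the original post). The function name `group_can_reach` and the demo tree are made up for illustration; the check looks only at mode bits, so it ignores ACLs and the case where a group member also owns the directory.

```shell
#!/bin/sh
# group_can_reach GROUP FILE [TOP]
# Walks from FILE's directory up to TOP (default /) and prints the first
# directory that members of GROUP cannot search (missing execute bit).
# Returns 0 if every directory on the way is searchable, 1 otherwise.
group_can_reach() {
    grp=$1
    dir=$(cd "$(dirname "$2")" && pwd -P) || return 2
    top=${3:-/}
    while :; do
        # Field 1 of "ls -ld" is the mode string, field 4 the group name.
        set -- $(ls -ld "$dir" | awk '{print $1, $4}')
        if [ "$2" = "$grp" ]; then
            bit=$(printf '%s' "$1" | cut -c7)     # group execute position
        else
            bit=$(printf '%s' "$1" | cut -c10)    # other execute position
        fi
        case $bit in
            x|s|t) ;;                             # searchable (s/t imply x)
            *) printf '%s\n' "$dir"; return 1 ;;
        esac
        if [ "$dir" = "$top" ] || [ "$dir" = / ]; then break; fi
        dir=$(dirname "$dir")
    done
    return 0
}

# Constructed demo: a private parent directory hides a group-readable file.
demo=$(cd "$(mktemp -d)" && pwd -P)
mkdir -p "$demo/proj/shared" && : > "$demo/proj/shared/notes"
chmod 755 "$demo" "$demo/proj/shared"
chmod 700 "$demo/proj"
group_can_reach "$(id -gn 2>/dev/null || id -g)" "$demo/proj/shared/notes" "$demo" \
    || echo "(group members are stopped at the directory printed above)"
rm -rf "$demo"
```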

 

 

 

 

 
