User permissions are one aspect of Linux security. These privileges are divided into several types, including file licensing, file properties, file system quota, and system resource restrictions. (1) Files and Directory Licensing We can permit files and directory settings in Linux. Prevent others from reading your private files and enters sensitive directory. We can set the file to the minimum, then relax by one by one.
Below is a simple example of a file license: DAI $ LS -L D.TXT-RW-RW-R - 1 DAI USERS 20445 NOV 6 05:40 D.txt is licensed, link number, user, group, byte Number, final modification time, the file license information in its name is: - rw- rw- r - The file type Owner license group license other people license usual file types can be: - Ordinary file, d directory, L symbolic link, S socket, the three permission of the P Fifo pipe file license can be set to license or rejection, which is set or empty, so it can be considered as a collection of 0 and 1, such as RWX read, write, execute, It can be written into 111 or it can be written as an oct-based 7, Rx is read, write, clear write permission, so it can be written into 101, eight into 5, RWXR-X-X is 111101001 It is 751 to change file license: DAI $ LS - L D.TXT-RW-RW-R - 1 DAI USERS 20445 NOV 6 05:40 D.TXTDAI $ CHMOD 751 D.TXTDAI $ LS -L D.TXT-RWXR-X - X 1 Dai User $ 20445 NOV 6 05:40 D.TXT can also use the chmod command as follows: Dai $ ls -l d.txt-rw-r - r - 1 DAI USERS 20445 NOV 6 05:40 D.TXTDAI $ ChMOD X D .txtdAi $ ls -l d.txt-rwxr-xr-x 1 DAI USERS 20445 NOV 6 05:40 D.txt here CHMOD X The meaning is "Add execution license: Indicates increased license - indicates that the license can only Change group license DAI $ chmod gr D.txtdai $ ls -l d.txt-rw --- xr-x 1 DAI Users 20445 NOV 6 05:40 D.TXT in the written directory booklet In addition to other users As long as he has written permissions on this directory, he can not only create files in the directory, you can also all files under the book, including files that do not belong to your own, such as: Dai $ Ls -ld Tempdrwxrwrwx 2 Dai Uses 20445 NOV 6 05 : 40 Temp We can see that this directory belongs to Dai, but anyone has written permissions, now there is a user ming, the book will leave a file that does not belong to him: Ming $ ls -ltotal 0- RW ------ 1 d AI Uses 20445 NOV 6 05:40 A-RW ------ 1 Ming Uses 20445 NOV 6 05:40 B-RW ------- 1 root root 20445 NOV 6 05:40 CMING $ CAT ACAT : A: Weijianleirongming $ rm -f aming $ ls -l total 0-rw ------- 1 ming users 20445 NOV 6 05:40 B-RW ------ 1 Root root 20445 NOV 6 05 : 40 c We can see file a is not ming,
