Unit 3: Using Operating System



            3.5.1 Directory Access Permissions                                                    Notes
            A directory’s access permissions help to control access to the files in it. These affect the overall
            ability to use files and subdirectories in the directory. (Once you have access to a directory, the
            ability to read or modify the contents of specific files is controlled by the file access permissions;
            see the second of the following two lists.)
            In the commands below, replace dirname with the directory’s pathname. An easy way to
            change permissions on the working directory is by using its relative pathname, . (dot), as in
            “chmod 755 . “.

              • To keep yourself from accidentally removing files (or adding or renaming files) in a directory,
                 use chmod 555 dirname . To do the same, but also deny other users any access, use chmod
                 500 dirname.
              • To protect the files in a directory and all its subdirectories from everyone else on your
                 system - but still be able to do anything you want to dp there—use chmod 700 dirname.
              • To let other people on the system see what’s in a directory—and read or edit the files
                 if the file permissions let them—but not rename, remove, or add files—use chmod
                 755 dirname.

              • To let people in your UNIX group add, delete, and rename files in a directory of
                 yours—and read or edit other people’s files if the file permissions let them—use
                 chmod 775 dirname.
              • To give full access to everyone on the system, use chmod 777 dirname.
            Remember, to access a directory, a user must also have execute (x) permission to all of its parent
            directories, all the way up to the root.
            3.5.2 File Access Permissions

            The access permissions on a file control what can be done to the file’s contents. The access
            permissions on the directory where the file is kept control whether the file can be renamed or
            removed.
               (a) To make a private file that only you can edit, use chmod 600 filename . To protect it from
                   accidental editing, use chmod 400 filename.
               (b) To edit a file yourself, and let everyone else on the system read it without editing, use
                   chmod 644 filename.
               (c) To let you and all members of your UNIX group edit a file, but keep any other user from
                   reading or editing it, use chmod 660 filename.
               (d) To let nongroup users read but not edit the file, use chmod 664 filename.
               (e) To let anyone read or edit the file, use chmod 666 filename.

            3.5.3 More Protection Under Linux
            Most Linux systems have a command that gives you more choices on file and directory protection:
            chattr . chattr is being developed, and your version may not have all of the features that it will
            have in later versions of Linux. For instance, chattr can make a Linux file append-only (so it can’t
            be overwritten, only added to); compressed (to save disk space automatically); immutable (so it can’t
            be changed at all); undeletable , and more. Check your online documentation (type man chattr) or
            ask your system administrator for advice on your system.








                                             LOVELY PROFESSIONAL UNIVERSITY                                    47