Introduction to File Ownership and Security
Tutorial on File and Directory Permissions
Who Will Own a New File?
Protecting Files with the Sticky Bit
Using chmod to Change File Permission
The Handy chmod = Operator
Protect Important Files: Make Them Unwritable
cx, cw, c-w: Quick File Permission Changes
A Loophole: Modifying Files Without Write Access
A Directory That People Can Access but Can't List
Juggling Permissions
File Verification with md5sum
Shell Scripts Must Be Readable and (Usually) Executable
Why Can't You Change File Ownership?
How to Change File Ownership Without chown
Because Unix is a multiuser system, you need some way of protecting users from one another: you don't want other users to look at the wrong files and find out compromising information about you, or raise their salaries, or something equivalently antisocial. Even if you're on a single-user system, file ownership still has value: it can often protect you from making mistakes, like deleting important executables.
In this chapter, we'll describe how file ownership works: who owns files, how to change ownership, how to specify which kinds of file access are allowed, and so on. We'll also discuss some other ways to prevent people from "prying," like clearing your screen.
In my opinion, most security breaches arise from mistakes that could easily have been avoided: someone discovers that anyone can read the boss's email, including the messages to his bookie. Once you've read this chapter, you'll understand how to avoid the common mistakes and protect yourself from most intruders.
-- ML
Copyright © 2003 O'Reilly & Associates. All rights reserved.