Ady Wicaksono Daily Activities

chmod, change mode of file

leave a comment »

In Linux there’s 4 octal number to define the permission of file:

0 - no permission
1 - execute permission
2 - write permission
4 - read permission

To manipulate permission we can use “chmod” which accept mode of file followed by filename.
Example:

   chmod 660 /tmp/x
   chmod 4755 /tmp/b

The first command will modify permission of /tmp/x to 660, if we give only 3 numbers meaning we define permission for:

1st byte to define file permission for owner of file: 6 = 4 + 2 = can read and write
2nd byte to define file permission for group of user to access the file: 6 = 4 + 2 = can read and write
3rd byte to define file permission for other to access the file: 0 = no permission at all

Meanwhile if define 4 number, the first octal number define the ownership of running process if the file is being executed, or special permission for a directory, or behaviour of a running process:

0 - no setting
1 - save text image
2 - set GID
4 - set UID

octal number 1 is also called “sticky bit” if defined for directory, then we can modify, create, delete file that belong to us only, for example /tmp

drwxrwxrwt  11 root root 11264 Nov  7 03:55 /tmp

See, there’s “t” that indicate this sticky bit, even on /tmp all users has read/write/execute access, but they will not able to remove/modify files not belong to them

# id
uid=502(smsc) gid=32005(smsc) groups=32005(smsc),32008(compiler)
# ls -l /tmp/PDF-NWiY35.htm
-rw-r--r--  1 nobody nobody 35726 Sep 15 15:05 /tmp/PDF-NWiY35.htm
# rm -f /tmp/PDF-NWiY35.htm
rm: cannot remove `/tmp/PDF-NWiY35.htm': Operation not permitted

This sticky bit for file define that once the file executed, the text area of process will not removed from swap/memory, so next time the file execute again should be a little bit faster because the text area will not created again.

Back to example, chmod 4755 will make
1. File execution will be “setuid” active or will be executed with effective UID the same with the owner of file
2. Permission for user is 7 = 4 + 2 + 1 = (read+write+execute)
3. Permission for group is 5 = 4 + 1 = (read+execute)
3. Permission for other is 5 = 4 + 1 = (read+execute)

Written by adywicaksono

November 6, 2007 at 6:19 pm

Posted in Linux

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: