Shell

All files and directories have an owner, and are part of a group.
Each file therefore defines permissions for:

  • User: the owner
  • Group: users who are part of the group
  • Other: users who are neither the owner nor in the group

Basic permissions are:

  • Read: Read
  • Write: Writing
  • eXecute: Execution

Listing file rights

ls -al          : -al allows to list the rights of files, including hidden ones.
 rwxr-xr--
 \ /\ /\ /
  v  v  v
  |  |  rights of other users (o)
  |  |
  |  rights of users belonging to the group (g)
  |
  owner's rights (u)
$ ls -al           
total 192
drwxrwxr-x 18 yolo yolo 4096 janv. 25 14:23 .          : rights of the current directory
drwxrwxr-x 26 yolo yolo 4096 févr.  5 10:55 ..         : parent directory rights
-rw-rw-r--  1 yolo yolo 5917 janv. 25 14:23 readme.txt : read/write User/Group, read only for Other
-rwxr-xr-x  1 yolo yolo 2642 janv. 25 11:31 run        : read/write/execute for user, read/execute for group and others

Additional permissions exist:

  • SUID: Set UID, the file is executed with the rights of its owner.
  • SGID: Set GUID, the file is executed with the rights of its group.
  • Sticky Bit: When this right is set on a directory, it prevents any user other than the owner of the file from deleting a file in the directory.
$ ls -al           
total 192
drwxrwxr-x 18 yolo yolo 4096 janv. 25 14:23 .          
drwxrwxr-x 26 yolo yolo 4096 févr.  5 10:55 ..         
rwsr-xr-x  1 yolo yolo 2642 janv. 25 11:31 run        : the x is replaced by an s for User

The SUID bit allows us to launch commands with the rights of another user and make privilege elevation.