Github Linkedin X Official Website Feedback

File Permissions 💻

Window

The Importance of Access Control ⚠️🔐

File permissions are a crucial concept in computer security. We need to carefully manage who has access to specific files and directories, granting access only to those who require it. This principle of access control extends beyond just computer systems, as we often apply similar concepts in our daily lives. 🗝️🔒️

Windows File Permissions 💻🔍

In Windows, file and directory permissions are assigned using Access Control Lists (ACLs), specifically Discretionary Access Control Lists (DACLs). Windows also utilizes System Access Control Lists (SACLs) to track file and folder access events. 🗂️💾

Understanding DACL Permissions 📋️🔑

A DACL is essentially a note about who can use a file and what they're allowed to do with it. Each file or folder has an owner and one or more DACLs. Let's explore the different permissions:

  • Read: Allows viewing the file's contents and reading the files/directories in a directory. 📖️

  • Read and Execute: Includes Read and allows executing the file if it's an executable. 💻️

  • List Folder Contents: Alias for Read and Execute on a directory. 📁️

  • Write: Allows making changes to a file, creating subdirectories, and writing to files in the directory. ✍️

  • Modify: An umbrella permission that includes Read, Execute, and Write. 🔧️

  • Full Control: Allows the user or group to do anything with the file, including taking ownership and changing its ACLs. 🔐️

Viewing and Understanding ACLs 🔍️📋️

We can use the icacls (Improved Change ACLs) utility to view the ACLs assigned to a file or directory. The output shows the user accounts with access and the corresponding permissions, represented by letters.

For example, the F letter indicates "Full Control," and the OI (Object Inherit) and CI (Container Inherit) flags determine if the permissions are inherited by new files or directories created within the folder. 🔖️🗂️

By understanding file permissions and ACLs, we can effectively manage access and security within our computer systems. 🔒️💻️

Linux File Permissions

As we've now learned, there are files and folders that have different permission sets on them so that unwanted eyes can't view or modify them. There are three different permissions you can have in Linux:

  1. Read 📖 - This allows someone to read the contents of a file or folder.

  2. Write ✏️ - This allows someone to write information to a file or folder.

  3. Execute ⚙️ - This allows someone to execute a program.

Let's take a look at this with the ls command. We'll use the long flags so we can see the permissions on the file. The first thing we see in this column is -rwxrw-r--. There are 10 bits here.

The first one is the file type. In this example, a dash - means that the file we're looking at is just a regular file. Sometimes you might see d, which stands for a directory.

The next nine bits are our actual permissions. They're grouped in trios or sets of three.

  • The first trio refers to the permission of the owner of the file.

  • The second trio refers to the permission of the group that this file belongs to.

  • The last trio refers to the permission of all other users.

The r stands for readable, w stands for writable, and x stands for executable. Like in binary, if a bit is set, then we say that it's enabled. For our permissions, if a bit is a dash -, it's disabled. If it has something other than a dash, it's enabled.

Permissions in Linux are super flexible and powerful because they allow us to set specific permissions based on a role such as an owner in a group or everyone else. Let's take a look at this in detail.

The first set of permissions rwx refers to the permission of the user who owns that file. In this case, it's Cindy, where you can see in the owner field of ls -l. It says here that the owner of the file can read, write, and execute this file.

The next set of permissions are group permissions. We can see the group this file belongs to is the cool group. They have read and write permissions, but not execute permissions.

Lastly, the permissions for all other users and groups only allow them to read this file.

That's Linux permissions in a nutshell! 🐧 It might take some time to get used to reading permissions. Don't worry, you'll eventually get the hang of it. As always, feel free to review this lesson again if you need a refresher. 📚

Previous2.PermissionsNextChanging Permissions

Last updated