Day 6 : File Permissions and Access Control Lists

In today’s digital age, where information is an invaluable asset, protecting sensitive data has become a paramount concern for individuals, organization.

File permissions and access control lists (ACLs) serve as the first line of defense in securing digital assets. In this article, we delve into the world of file permissions and access control lists, exploring their importance, underlying principles, and practical implementation across various operating systems and file systems.

What are the three permission groups?

There are three options for permission groups available to you in Linux. These are

• owners: these permissions will only apply to owners and will not affect other groups.
• groups: you can assign a group of users specific permissions, which will only impact users within the group.
• all users: these permissions will apply to all users, and as a result, they present the greatest security risk and should be assigned with caution.

To change directory permissions in Linux, use the following:

• chmod +rwx filename to add permissions
• chmod -rwx directoryname to remove permissions.
• chmod +x filename to allow executable permissions.
• chmod -wx filename to take out write and executable permissions.

Note that “r” is for read, “w” is for write, and “x” is for execute.

Numeric Notation:

1. Set read permission for the owner: chmod 400 file

2. Set write permission for the owner: chmod 200 file

3. Set execute permission for the owner: chmod 100 file

4. Set read and write permissions for the owner: chmod 600 file

5. Set read and execute permissions for the owner: chmod 500 file

6. Set write and execute permissions for the owner: chmod 300 file

7. Set read, write, and execute permissions for the owner: chmod 700 file

8. Set read permission for the group: chmod 040 file

9. Set write permission for the group: chmod 020 file

10. Set execute permission for the group: chmod 010 file

11. Set read and write permissions for the group: chmod 060 file

12. Set read and execute permissions for the group: chmod 050 file

13. Set write and execute permissions for the group: chmod 030 file

14. Set read, write, and execute permissions for the group: chmod 070 file

15. Set read permission for others: chmod 004 file

16. Set write permission for others: chmod 002 file

17. Set execute permission for others: chmod 001 file

18. Set read and write permissions for others: chmod 006 file

19. Set read and execute permissions for others: chmod 005 file

20. Set write and execute permissions for others: chmod 003 file

21. Set read, write, and execute permissions for others: chmod 007 file

What is ACL (Access Control Lists)

Access Control Lists (ACLs) provide a more granular level of control over file and directory permissions in Linux. ACLs allow you to define access permissions for specific users or groups beyond the traditional owner, group, and other permissions. They enable finer control over access rights and are often used in scenarios where complex permission configurations are required.

Here are the explanations and examples of the getfacl and setfacl commands used for managing ACLs:

1. getfacl: The getfacl command is used to retrieve the ACL information of a file or directory. It displays the existing ACL entries along with the traditional permissions. Syntax : getfacl <file/directory>
2. setfacl: The setfacl command is used to modify the ACL of a file or directory. It allows you to add, modify, or remove ACL entries to grant or revoke access rights. Syntax setfacl -m u:radhey myfile.txt

Set read, write, and execute permissions for others: chmod 007 file