SMC CS 78 - Linux filesystem permissions


Linux filesystem permissions
David Morgan
© David Morgan 2003-12

An access control mechanism

- For granting/withholding access to a resource
- Based on relation between file- and user-characteristics
- Analogy
  – government documents receive classifications
  – government employees receive clearances
  – access to particular document by particular employee determined by relation between classification and clearance

Bigger picture -- how we think of it

user --reads--> file

Bigger picture -- how it actually works

user --runs--> process --reads--> file

Program that copies one file to another:

    #include <stdlib.h>     /* exit() */
    #include <unistd.h>     /* read(), write() */
    #include <sys/stat.h>   /* S_IRUSR, S_IWUSR */
    #include <fcntl.h>      /* open(), O_* flags */

    int main()
    {
        char c; int in, out;
        in = open("file.in", O_RDONLY);
        out = open("file.out", O_WRONLY|O_CREAT, S_IRUSR|S_IWUSR);
        if (in < 0 || out < 0)          /* open() refused or failed */
            exit(1);
        while (read(in, &c, 1) == 1)    /* copy one byte at a time */
            write(out, &c, 1);
        exit(0);
    }

- Note system calls “open”, “read”, “write”. They do the file access.
- User? (UID) isn’t even mentioned in the calls.
- Users don’t read files, processes do.

Bigger picture -- how it actually works (same program as above)

- AUTHENTICATION HERE: up front, determines account for first (shell) process
- Same account, carried forward by inheritance from shell process to this spawned one

Government authorization

- documents have “classifications”
- employees have “clearances”
  – confidential
  – secret
  – top secret

access decision = f ( document’s classification, clearance )
z = f ( x , y )

Computer auth not so different

- Linux
  – files have permissions for particular user accounts
  – processes (the true file “users”) carry a user account identity
- Windows
  – resource security policies
  – processes carry user and group affiliation

access decision = f ( file’s permissions, user )

Files have (1) a user affiliation

    [root@EMACH1 schools]# ls -l
    total 12
    -rw-r--r-- 1 root students 121 Dec 8 17:15 assignments
    -rw-rw---- 1 root teachers 119 Dec 8 17:13 grades
    -rw-r----- 1 root administ 95 Dec 8 17:10 salaries

Files’ user affiliations are shown by the ls -l command: the last column names the files, the third column their affiliated users.

Files have (2) a group affiliation

Files’ group affiliations are shown by the ls -l command: in the same listing, the fourth column gives the files’ affiliated groups.

Files have (3) a permissions setting

Files’ permissions settings are shown by the ls -l command: in the same listing, the first column gives the files’ permissions settings.

Where? : inode structure of a file
found in inode table of an ext2 filesystem

    field size  start  end  Item
    2           1      2    File type and access rights          <- permissions setting here
    2           3      4    Owner identification                 <- user affiliation here
    4           5      8    File length in bytes
    4           9      12   Time of last file access
    4           13     16   Time that inode last changed
    4           17     20   Time that file contents last changed
    4           21     24   Time of file deletion
    2           25     26   Group identifier                     <- group affiliation here
    2           27     28   Hard links counter
    4           29     32   Number of data blocks of the file
    4           33     36   File flags
    4           37     40   Specific operating system information
    4           41     44   Pointer to first data block
    56          45     100  14 more pointers to data blocks
    4           101    104  File version (for NFS)
    4           105    108  File access control list
    4           109    112  Directory access control list
    4           113    116  Fragment address
    8           117    124  Specific operating system information

Users have group memberships

file /etc/group (first field: the group; last field: the members)

    ..
    administrators:x:542:socrates,roy
    teachers:x:543:plato
    students:x:544:aristotle
    ..

Users’ memberships appear in the file that defines the groups (/etc/group), not the one that defines the users (/etc/passwd).

File system -- permissions

    -rwxr-x---

- File type (file, directory, device,…)
- Accesses granted to file’s associated User
- Accesses granted to members of file’s Group*
- Accesses granted to all Other users

*other than the associated user

Meaning for files

letter:
    r – can read – can open file
    w – write – can modify file
    x – execute – can try to execute file
-or else-
hyphen:
    - – can’t read – can’t open file
    - – can’t write – can’t modify file
    - – can’t execute – can’t try to execute file

Meaning for directories

letter:
    r – can read – can view contained files
    w – write – can change contained files (add, rename, move)
    x – execute – can enter directory (cd)
                – can open contained files in directory or its subs
-or else-
hyphen:
    - – can’t read – can’t view contained files
    - – can’t write – can’t change contained files (add, rename, move)
    - – can’t execute – can’t enter directory (cd)
                      – can’t open contained files in directory or its subs

Commands for controlling these

For the user, group and permissions columns of the ls -l listing above: chmod, chown, chgrp.

chmod – change file permissions
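The slides' "access decision = f ( file's permissions, user )", written out as an added example (not code from the original slides): a process's identity selects exactly one of the User, Group or Other triplets, and only that triplet's bits are consulted. Group numbers follow the /etc/group slide; the UIDs and the function and struct names are constructed for illustration.

```c
#include <stdio.h>
#include <sys/types.h>

/* Requested access, as the bits of one rwx triplet. */
enum { WANT_X = 1, WANT_W = 2, WANT_R = 4 };

/* Identity carried by a process: a UID plus its group memberships. */
struct cred { uid_t uid; const gid_t *groups; int ngroups; };

static int in_group(const struct cred *c, gid_t gid)
{
    for (int i = 0; i < c->ngroups; i++)
        if (c->groups[i] == gid) return 1;
    return 0;
}

/* Exactly one class is chosen, in the order User, Group, Other. A matching
 * User class is final even when Group or Other would grant more.
 * Root's override of these checks is not modelled here. */
int may_access(mode_t mode, uid_t f_uid, gid_t f_gid,
               const struct cred *c, int want)
{
    int bits;
    if (c->uid == f_uid)         bits = (mode >> 6) & 7;  /* User  */
    else if (in_group(c, f_gid)) bits = (mode >> 3) & 7;  /* Group */
    else                         bits = mode & 7;         /* Other */
    return (bits & want) == want;
}

/* Constructed identities: GIDs as on the /etc/group slide, UIDs made up. */
static const gid_t plato_groups[]     = { 543 };  /* teachers */
static const gid_t aristotle_groups[] = { 544 };  /* students */
const struct cred plato     = { 1001, plato_groups, 1 };
const struct cred aristotle = { 1002, aristotle_groups, 1 };

int main(void)
{
    /* grades: -rw-rw---- root teachers -> mode 0660, uid 0, gid 543 */
    printf("plato writes grades:     %d\n", may_access(0660, 0, 543, &plato, WANT_W));
    printf("aristotle reads grades:  %d\n", may_access(0660, 0, 543, &aristotle, WANT_R));
    /* assignments: -rw-r--r-- root students -> plato falls into Other */
    printf("plato reads assignments: %d\n", may_access(0644, 0, 544, &plato, WANT_R));
    /* Constructed case: ----rwx--- owned by plato, group teachers. */
    printf("plato reads own 0070:    %d\n", may_access(0070, 1001, 543, &plato, WANT_R));
    return 0;
}
```

The last case is the footnote "*other than the associated user" in action: the owner is denied although the owner's group is granted everything.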

