Linux Ch. 13
The permissions
In ls -l, after the file type symbol, what is displayed?
The file's user owner and then the file's group owner
In ls -l, after the link count, what two fields are displayed?
dual personality
Since the passwd command is owned by the root user and has the setuid permission set, it executes with a '______ _______', which allows it to access files either as the person who is running the command or as the root user.
-
Symbol in the ls -l permissions list that indicates absence of a particular type of permission.
passwd
The ______ command has the setuid permission. This command modifies the /etc/shadow file in order to update the value for the user's password. That file is not normally modifiable by an ordinary user.
octal
The octal (numeric) chmod method requires knowledge of the ______ value of each of the permissions and requires all three sets of permissions (user, group, other) to be specified every time.
ID (UID and GID)
The operating system does not associate user ownership or group owernership by name with the file, but by _____.
Read, write, execute
The three types of permission that can be placed on a file or directory.
rwx
What are the symbols for read, write, and execute in the permissions listing with the ls -l command on a file.
A space followed by the path names for the files to assign those permissions.
What comes after chmod MODE in this command?
0 = --- 1 = --x 2 = -w- 3 = -wx 4 = r-- 5 = r-x 6 = rw- 7 = rwx
What do the octal values 0, 1, 2, 3 , 4, 5, 6, 7 represent?
+ add the permission, if necessary = specify the exact permission - remove the permission, if necessary
What do these symbols mean for the chmod MODE argument: +, =, -
u = user owner g = group owner o = others a = all (user owner, group owner, others)
What do these symbols mean for the chmod MODE argument: u, g, o, a
password
What do you need in order to start a new shell as the root user?
The file does not have the execute permission, only the setuid permission
What does it mean when there is an S instead of an x in the executable permission slot in the ls -l command for a file?
Both the setuid and execute permissions are set.
What does it mean when there is an s instead of an x in the executable permission slot in the ls -l command for a file?
The type of a file
What does the first character in the ls -l output indicate?
UID, user account name, GID, group name or primary group, GIDs and group names of all group memberships the user belongs to
What does the id command display?
r,w, or x (indicates the permission type to change)
What is the last symbol in the chmod MODE argument?
4 = read 2 = write 1 = execute 0 = none
What octal values represent read, write, execute, and none?
Write and execute permissions on the directory the file is contained within.
What permissions do you need to have in order to delete a file?
d
What symbol indicates a directory file type in the ls -l output?
-
What symbol indicates a regular file in the ls -l output?
l
What symbol indicates a symbolic link file type in the ls -l output?
whoami, id
What two commands will display your user identity?
octal method
When changing more than one permission set, this chmod method is probably the more efficient method.
su - su -l su --login
What 3 ways can the login shell option be specified?
g+s 2000
What are the symbolic and octal values for setgid on a directory?
g+s 2000
What are the symbolic and octal values for setgid on a file?
u+s 4000
What are the symbolic and octal values for setuid on a file?
o+t 1000
What are the symbolic and octal values for sticky on a directory?
chmod 0755 sample.txt (or you could just write chmod 755 sample.txt)
Remove the setuid permission numerically from the sample.txt file which currently has 4755 permissions.
chmod u-s newfile.txt
Remove the setuid permission symbolically from the newfile.txt file.
chmod g-w newfile.txt
Remove the write permission from the group owner for newfile.txt
chmod 000 sample.txt
Set the permissions on sample.txt to --------- using the octal method.
chmod 644 sample.txt
Set the permissions on sample.txt to rw-r--r-- using the octal method.
chmod 755 sample.txt
Set the permissions on sample.txt to rwxr-xr-x using the octal method.
stat
Recall that this command provides more detailed information than the ls -l command. One advantage of this command is that is shows permissions using both the symbolic and numeric (octal) methods.
chmod a=- fakefile
Remove all permissions from the file 'fakefile'
It will remove all special permission from a file or directory.
A leading 0, such as 0755 will do what for permissions on a file or directory?
chmod ug+x,o-r newfile.txt
Add execute to the user and group owners and remove the read permission for the others group for newfile.txt.
chmod u+x newfile.txt
Add the execute permission for the user owner for newfile.txt
chmod 4755 sample.txt
Add the setuid permission numerically to the sample.txt file, which already has 755 permissions set on it.
exit
After using the newgrp command to open a new shell in a different primary group, how do you go back to the default primary group?
chmod o=r,g-w,u+x newfile.txt
Assigns others to have only the read permission, then remove the write permission from the group owner, and add the execute permission for the user owner for newfile.txt. Do this in one line.
root user ('su - root' and 'su -' are equivalent commands)
By default, if a username is not specified, the su command opens a new shell as this.
The primary group of the user who creates the file
By default, what is the group owner for a file?
Users that created them
By default, who owns the files that are created?
setgid on a file
Causes an executable file to execute under group owner identity, instead of the user running the command.
setuid on a file
Causes an executable file to execute under user owner identity, instead of the user running the command.
sticky on a directory
Causes files inside a directory to be able to be removed only by the user owner, or the root user.
setgid on a directory
Causes new files and directories that are created inside to be owned by the group that owns the directory.
newgrp adm
Change the current primary group to adm.
sudo chgrp nogroup newfile2.txt
Change the newfile2.txt group to nogroup
Characters 2-4
Character indices in the permissions list in ls -l command that indicate the permissions for the user that owns the file.
Characters 8-10
Character indices in the permissions list in the ls -l command that indicate the permissions for others or what is sometimes referred to as the world's permissions.
Characters 5-7
Character indices in the permissions list in the ls -l command that indicate the permissions for the group that owns the file.
chown (remember... change owner)
Command that allows the user owner to be changed by a user with root privileges.
newgrp
Command that will change your current primary group to another group you belong to.
groups
Command that will show what groups you belong to.
chgrp
Command that you use to change the group ownership of a file that's already been created. Note that this changes the group for that file but does not change the primary group.
chmod ('change the modes of access')
Command used to change the permissions of a file or directory. Note that only the root user or the user who owns the file is able to change the permissions of a file.
exit
Command used to exit the root user shell.
touch nullfile sudo chown root nullfile
Create a new file called 'nullfile' and change the user owner to the root user.
newgrp
If you want to make sure that any new files are in a particular group, is it more efficient to use the newgrp or the chgrp command?
any group that they belong to
Users are allowed to change the group owner of files they own to __________________.
sudo head -3 /etc/shadow
Display the first 3 lines of the /etc/shadow file as the root user. This file requires administrative privileges.
chmod u+s newfile.txt
For the user, add the setuid permission symbolically to the newfile.txt file
Only the user owner permissions apply
If a user is a member of a group, once user ownership has been established, does the set of user permissions or the set of group permissions apply?
Execute permission on the directory (so they can cd into the directory to see the file).
If all users have read access to a file, what permission do they also need at the directory level to actually view the file?
group owner permissions
If you are not the owner but are a member of the group that owns the file, then only _______ _______ _________ are used to determine access to that file.
root user
Logging into the system as this allows you to execute commands as the administrator. This access is potentially dangerous because you may forget that you are logged in as this and might run a command that could cause problems on the system. Therefore, it is not recommended to log in as this directly.
symbolic and octal
Name the two techniques of changing permissions with the chmod command.
cd, pathname
On a directory with the execute permission, the user can use the ___ command to 'get into' the directory and use the directory in a ________ to access files, and potentially, subdirectories under this directory.
added, removed
On a directory with the write permission, files can be _______ to or ________ from the directory. Note that the w permission really requires the x permission on the directory to work correctly.
file names
On a directory, the read permission allows ______ _______ in the directory to be listed, but other details are not available.
executed or run
On a file with the execute permission, a file can be ______ as a process.
viewed, copied
On a file, the read permission allows processes to read the contents of the file, meaning the contents can be _______ and ________.
saved
On a file, the write permission allows a file to be written to by the process, so that changes to a file can be _______. Note that the w permission really requires r permission on the file to work correctly.
The owner of the file can still use the chmod to grant permissions. Also if there are -wx permissions on the directory that contains this file, a user can remove it with the rm command.
These actions can be done when there are no permissions for anyone on the file.
The MODE argument
This argument of the chmod command represents the changes to make to the permissions.
sudo
This command allows users to execute commands as another user. The root user is assumed by default with this command.
su
This command allows you to run a shell as a different user. While switching to the root user is what this command is used for most frequently, it can also switch to other users as well.
id
This command can be useful for verifying which user account you are using and which groups you have available to use.
newgrp
This command places you in another shell in a different primary group.
whoami
This command prints the user name associated with the current user id.
others/world's group
This group includes all users who are not the file owner or a member of the file's group.
setuid
This permission is set on a handful of system utilities so that they can be run by normal users, but executed with the permissions of root, providing access to system files that the normal user doesn't normally have access to.
setgid
This permission is similar to setuid, but it makes use of the group owner permissions.
Both the symbolic link file and the file that it points to.
To access the file that a symbolic link points to, on what files do you need to have appropriate permissions?
login shell
When switching users, utilizing this option is recommended as this fully configures the new shell with the settings of the new user, ensuring any commands executed run correctly. If this option is omitted, the new shell changes the UID but doesn't fully log in as the user.
setuid
When the _______ permission is set on an executable binary file (a program), the binary file is run as the owner of the file, not as the user who executes it.
root user
When the passwd command attempts to update the /etc/shadow file, it uses the credentials of the _____ _____ to modify the file.
3 sets of 3 characters
When using the ls -l command with a filename, how many sets of three characters are the permissions broken into?
sudo
When using this command to execute a command as the root user, the command prompts for the user's own password, not that of the root user. This security feature could prevent unauthroized root access if the user were to leave their computer unattended.
The current primary group
Which group owns any new files or directories that are created?
Only the owner of the file and the root user.
Which users can change the group ownership of a file?
execute (in some instances, an uppercase S can be interpreted as an error)
Without the ________ permission for the user owner, the setuid permission is ineffective, meaning that the file will not be executable by the user owner even if the setuid permission is set.
The symbolic method
chmod technique that is good for changing one set of permissions at a time.
ls -l
ls option that will output permissions and ownership information.