|
The "chmod" Utility
The most commonly used permission modification
utility is chmod. This utility allows you to modify the permission bits of
a file or directory. It is also one of the most difficult utility for
new web technicians to master because it is a little obtuse in design.
Essentially, the "chmod" utility breaks down the 9
fields into three numbers (owner rights, group rights and world rights)
such that each number defines three fields (readable, writable, and
executable).
The break down follows the following scheme. If a file
is readable, it gets 4 points. If it is writable, it gets 2 points and if it is
executable, it gets 1 point. The total number of points will define its access
privileges.
But again, this is best seen by example.
Consider the following:
Code |
Explanation |
0 |
No permission for anything |
1 |
executable only. Used rarely for executable application or directory |
2 |
writable only. Rarely ever used |
3 |
writable and executable only. Rarely, if ever, used. |
4 |
Readable only. Good for HTML files. If you store them as read only, then
they are rarely lost if someone accidentally or intentionally
attempts to delete them. Not so useful for directories |
5 |
Readable and executable but not writable. Used for CGI scripts that
should not be modified or deleted after they work. Also good for directories |
6 |
Readable and writable but not executable. Okay for files that you are
working on, but it is best not to store files in a writable form for your
own safety. |
7 |
Readable, writable and executable. The wad. Just be very, very careful,
especially if you have something writable AND executable in a CGI directory. |
But wait, you are not done there. Once you have determined
what numbers to assign, you must assign them to the correct groups. That is
you must provide permission instructions for owner, group and world. To do that,
you will use the "chmod" utility that takes a three digit number and a filename.
The three-digit number will correspond to owner, group and world values and
will be a number between 0-7 according to the formula explained above. Let's
look at some examples...
Command |
Explanation |
chmod 444 myfile.txt |
Sets the permission for myfile.txt such that owner, group and world have
read permission only. This is a pretty secure way to store HTML files when they
are not being currently edited |
chmod 644 *.html |
Sets the permission for all files with the .html extension such that
the owner may read or write to the file but group and world may only
read. |
chmod 751 ../cgi-bin/*.cgi |
Sets the permission for all files with the .cgi extension in the cgi-bin
directory (which is up one directory from the current directory) such that
the owner may read or write and execute the script, group members can read and
execute it, and world may only execute it. This is pretty good for CGI scripts but
it is probably better to use 551 so that you don't accidentally modify or
delete it |
|