Select "print" from your browser's "File" menu.

Back to Post


Username Post: File and Directory Permissioning
Couchtomatoe
Code Monkey
Posts 3049
Couchtomatoe 		08-24-07 03:40 PM - Post#71419    

drwx------ 2 richard staff 2048 Jan 2 1997 private
drwxrws--- 2 richard staff 2048 Jan 2 1997 admin
-rw-rw---- 2 richard staff 12040 Aug 20 1996 admin/userinfo
drwxr-xr-x 3 richard user 2048 May 13 09:27 public


Understanding how to read this output is useful to all unix users, but especially people using group access permissions.


Field 1: a set of ten permission flags.
Field 2: link count (don't worry about this)
Field 3: owner of the file
Field 4: associated group for the file
Field 5: size in bytes
Field 6-8: date of last modification (format varies, but always 3 fields)
Field 9: name of file (possibly with path, depending on how ls was called)


The permission flags are read as follows (left to right)
position Meaning
1 directory flag, 'd' if a directory, '-' if a normal file, something else occasionally may appear here for special devices.
2,3,4 read, write, execute permission for User (Owner) of file
5,6,7 read, write, execute permission for Group
8,9,10 read, write, execute permission for Other
value Meaning
- in any position means that flag is not set
r file is readable by owner, group or other
w file is writeable. On a directory, write access means you can add or delete files
x file is executable (only for programs and shell scripts - not useful for data files). Execute permission on a directory means you can list the files in that directory
s in the place where 'x' would normally go is called the set-UID or set-groupID flag.

The default file permissions (umask):

Each user has a default set of permissions which apply to all files created by that user, unless the software explicitly sets something else. This is often called the 'umask', after the command used to change it. It is either inherited from the login process, or set in the .cshrc or .login file which configures an individual account, or it can be run manually.

Typically the default configuration is equivalent to typing 'umask 22' which produces permissions of:

-rw-r--r-- for regular files, or
drwxr-xr-x for directories.

In other words, user has full access, everyone else (group and other) has read access to files, lookup access to directories.

When working with group-access files and directories, it is common to use 'umask 2' which produces permissions of:

-rw-rw-r-- for regular files, or
drwxrwxr-x for directories.

For private work, use 'umask 77' which produces permissions:

-rw------- for regular files, or
drwx------ for directories.

The logic behind the number given to umask is not intuitive.


So in a Nutshell

0777 or drwxrwxrwx gives world, group, and user access to the directory where as 0666 or rw-rw-rw gives world, group, and user access to the files

now after initial configuration of your forum it is safe to most files to 664 or rw-rw--- and most directories to 775 or drwxrwxr-x


Code:



 config (directory to 0777 and files within to 0666)
cron (directory to 0777 and files within to 0775)
fbbavatars (directory to 0777 and files within to 0666)
fbbuploads (directory to 0777 and files within to 0666)
    pt_files (directory to 0777 and files within to 0666)
images (directory to 0777 and files within to 0666)
    avatars (directory to 0777 and files within to 0666)
    forumimages (directory to 0777 and files within to 0666)
    icons (directory to 0777 and files within to 0666)
    smilies (directory to 0777 and files within to 0666)
    statusflags (directory to 0777 and files within to 0666)
language (directory to 0777 and files within to 0666)
    english (directory to 0777 and files within to 0666)
 

The artist formerly known as scroungr
Couch-Tomatoe



FusionBB™ Version 3.2 | ©2003-2013 InteractivePHP, Inc.
Execution time: 0.066 seconds.   Total Queries: 18   Zlib Compression is on.
All times are (GMT-4). Current time is 09:32 AM
Top