| Both sides previous revisionPrevious revisionNext revision | Previous revision |
| permissions [2021/03/09 19:59] – [Permission types] hc9 | permissions [2024/09/06 06:17] (current) – no” hc9 |
|---|
| ===== Permissions ===== | ===== Permissions ===== |
| |
| A Unix file system allows users to assign to files (including directories: "In Unix, Everything Is a File.") they own any combination of three permission types (**r**, **w**, **x**) to three classes of users (**u**, **g**, **o**). When a user requests access to a file, Unix first determines the requester's user class relative to the target file, then checks if the permission type requested has been assigned to that user class. | A Unix file system allows users to assign to files (including directories: “In Unix, Everything Is a File.”) they own any combination of three permission types (**r**, **w**, **x**) to three classes of users (**u**, **g**, **o**). When a user requests access to a file, Unix first determines the requester's user class relative to the target file, then checks if the permission type requested has been assigned to that user class. |
| |
| ==== Permission types ==== | ==== Permission types ==== |
| ^ g | //**G**roup//. Members of the user group to which the file has been assigned. | | ^ g | //**G**roup//. Members of the user group to which the file has been assigned. | |
| ^ o | //**O**thers//. Users not in either of the above classes. This is the user class that SDF's web server uses when a web browser requests a file from your web site.<sup>1</sup> | | ^ o | //**O**thers//. Users not in either of the above classes. This is the user class that SDF's web server uses when a web browser requests a file from your web site.<sup>1</sup> | |
| | **Notes:** - The use of CGI programs on a web site complicates the permission check. Access to the CGI program file itself is checked with user class **o**. Many web servers are configured so that file access requests from CGI programs are also checked with user class **o**. However, the SDF web server has been configured to execute CGI programs with the permissions of the owner of the program file (//you//, for CGI programs you have installed on your SDF web site). Therefore if your CGI program accesses files owned by you, permissions will be checked with user class **u**. Files not owned by you will be checked with user class **o**. || | | **Notes:** <sup>1</sup> The use of CGI programs on a web site complicates the permission check. Access to the CGI program file itself is checked with user class **o**. Many web servers are configured so that file access requests from CGI programs are also checked with user class **o**. However, the SDF web server has been configured to execute CGI programs with the permissions of the owner of the program file (//you//, for CGI programs you have installed on your SDF web site). Therefore if your CGI program accesses files owned by you, permissions will be checked with user class **u**. Files not owned by you will be checked with user class **o**. || |
| |
| ==== An example ==== | ==== An example ==== |
| <user-classes><operation><permission-types>[,<user-classes><operation><permission-types>]… | <user-classes><operation><permission-types>[,<user-classes><operation><permission-types>]… |
| |
| //user-classes//User class(es) for which permissions are to be changed. Specify with one-character class symbols ''u'', ''g'', ''o'', or ''a'' for all classes. May specify more than one class. //operation//One of the following: ''+'' | |
| Add permission types to user classes.''-'' | |1|//user-classes//| |
| Remove permission types from user classes.''='' | | |User class(es) for which permissions are to be changed. Specify with one-character class symbols ''u'', ''g'', ''o'', or ''a'' for all classes. May specify more than one class.| |
| Set permission types for user classes.//permission-types//Permission type(s) to be set or removed. Use one-character type symbols ''r'', ''w'', or ''x''. May specify more than one type. | |2|//operation//| |
| | | |One of the following:| |
| | | | ''+'' Add permission types to user classes.| |
| | | | ''-'' Remove permission types from user classes.| |
| | | | ''='' Set permission types for user classes.| |
| | |3|//permission-types//| |
| | | |Permission type(s) to be set or removed. Use one-character type symbols ''r'', ''w'', or ''x''. May specify more than one type.| |
| |
| Therefore the command: | Therefore the command: |
| ''% chflags uunlnk foo'' | ''% chflags uunlnk foo'' |
| |
| would be used to set the user undelete flag, and to disable that flag, simply add "no" in front of the option (in this example, uunlnk), like so: | would be used to set the user undelete flag, and to disable that flag, simply add “no” in front of the option (in this example, uunlnk), like so: |
| |
| ''chflags nouunlnk foo'' | ''chflags nouunlnk foo'' |
| ---- | ---- |
| |
| $Id: permissions.html,v 1.8 2007/10/02 11:22:28 papa Exp $ [[http://sdf.org/?tutorials/permissions|File Permissions]] - legacy link | $Id: permissions.html,v 1.8 2007/10/02 11:22:28 papa Exp $ [[http://sdf.org/?tutorials/permissions|File Permissions]] - traditional link (using [[wp>Revision_Control_System|RCS]]) |
| |
