Estimated difficulty: 💚🤍🤍
If you are a newbie in security and want to start learning about Unix, then this is a great post for you. This will be a quick fire post on file permissions. What do they mean and some of the vulnerabilities you might spot out in the wild.
What are file permissions?
File permissions allow or disallow a user to read, write or execute the file. In relation to Unix machines, the file permissions are grouped to the owner, group or other.
If you are opening up the command prompt for the first time then you might be presented with a screen that looks similar to the below prompt.
If you run the below command, then you will list a number of files, provided they exist in that directory.
ls -als -a - means all the files will be shown, including those prefixed with a . -l - means the output is in a long listing format -s - print out the size
Next to the file listed in the directory, there are a number of letters, numbers and a name.
The file permissions listed on the password.txt file are –rw-r–r–. The initial dash specifies the file type. The letters then apply to 3 user groups – owner, group and other.
|File Type||This can be represented as a – (file) or a d (directory). |
This is shown at the start of the
|read||Represented as an r.|
|write||represented as a w.|
|execute||represented as an x.|
The breakdown of the password.txt file can be seen in the below table
|Specified that it is a file.||The owner (kali) can read and write to the file. The – means they cannot execute.||A group can read the file. The two dashes after mean they cannot write or execute.||Anyone else can read the file. The two dashes after mean they cannot write or execute.|
The r w and x permissions equate octal digits between (0-7). See read (r) permission is assigned the digit 4; the write (w) permission is assigned the digit 2 and the execute (x) permission is assigned the digit 1. See the below table for more of an explanation, assuming that the permissions relate to a file.
|0||———-||No permissions granted|
|3||-wx||Write and execute|
|5||r-x||Read and execute|
|6||rw-||Read and write|
|7||rwx||Read, write and execute (full permissions)|
The permissions or octal numbers need to be added or changed for each owner (user), group or other group. Hence why the permissions shown previously came in groups of three.
How do you change permissions?
If you own the file and you want to change the file permissions then you need to use the chmod command.
Like the manual said, the command is used to change the file mode bits. In plain Engligh, it is changing whether the user, group or other can access the file. The user group or other are represented as a u, g or o respectively. an a represents all the groups/ users. Some command examples can be seen below.
chmod a+r password.txt - Adds the write permission for all the users. chmod ug+r password.txt - Adds the write permission for the user and group, but not for other. chmod o-x password.txt - Removes the execute permission for the other group. chmod a-w password.txt - Removes the write permision for all the user groups. chmod u=rwx,g=r,o= password.txt - Gives all permissions to the user, read permissions to the group and no permissions to the other group.
There is a great write up on the Linuxize site, so if you want more detail and information, then check out their post!
Another command is chown. This command can change the owner of a file. See the example below, which changes the owner and group of the password.txt file.
chown breanda password.txt - changes the owner of the file to Breanda. chown breanda:root password.txt - changes the owner to breanda and the group to root.
If you need to know more information about a command you are running, such as ls, chmod and others then you can append the man command, short for manual. It will list all the different flags and their descriptions. See an example below, where the command has been entered into the command prompt of a Kali Linux box.
The output will look like the below.
Thank you all for reading! I really hope this has helped even at least one of you on your journey with learning about Unix / Linux. If you have any questions or feedback, then pop a comment on below!