find: Mode Structure

5.1 Structure of File Permissions
=================================

There are three kinds of permissions that a user can have for a file:

  1. permission to read the file.  For directories, this means
     permission to list the contents of the directory.
  2. permission to write to (change) the file.  For directories, this
     means permission to create and remove files in the directory.
  3. permission to execute the file (run it as a program).  For
     directories, this means permission to access files in the
     directory.

There are three categories of users who may have different
permissions to perform any of the above operations on a file:

  1. the file's owner;
  2. other users who are in the file's group;
  3. everyone else.

Files are given an owner and group when they are created.  Usually
the owner is the current user and the group is the group of the
directory the file is in, but this varies with the operating system, the
file system the file is created on, and the way the file is created.
You can change the owner and group of a file by using the 'chown' and
'chgrp' commands.

In addition to the three sets of three permissions listed above, a
file's permissions have three special components, which affect only
executable files (programs) and, on some systems, directories:

  1. Set the process's effective user ID to that of the file upon
     execution (called the "setuid bit").  No effect on directories.
  2. Set the process's effective group ID to that of the file upon
     execution (called the "setgid bit").  For directories on some
     systems, put files created in the directory into the same group as
     the directory, no matter what group the user who creates them is
     in.
  3. Prevent users from removing or renaming a file in a directory
     unless they own the file or the directory; this is called the
     "restricted deletion flag" for the directory.  For regular files on
     some systems, save the program's text image on the swap device so
     it will load more quickly when run; this is called the "sticky
     bit".
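
As an added example (not part of the original manual), the following
Python code splits a mode into the three permission sets and the three
special components described above, then flags the combinations worth
reviewing.  The paths, sample modes and finding labels are constructed
for this example.

```python
import stat

# Constructed sample: (path, st_mode as os.lstat() would report it).
SAMPLE = [
    ("/example/bin/helper", stat.S_IFREG | 0o4755),  # setuid program
    ("/example/shared",     stat.S_IFDIR | 0o2775),  # setgid directory
    ("/example/scratch",    stat.S_IFDIR | 0o1777),  # world-writable, restricted deletion
    ("/example/dropbox",    stat.S_IFDIR | 0o0777),  # world-writable, no restricted deletion
    ("/example/app.conf",   stat.S_IFREG | 0o0666),  # world-writable regular file
    ("/example/notes.txt",  stat.S_IFREG | 0o0644),  # nothing notable
]

def split_mode(st_mode):
    """Split a mode into owner/group/other sets plus the three special bits."""
    perm = stat.S_IMODE(st_mode)  # drop the file-type bits
    def rwx(shift):
        return "".join(c if (perm >> shift) & b else "-"
                       for c, b in (("r", 4), ("w", 2), ("x", 1)))
    return {"owner": rwx(6), "group": rwx(3), "other": rwx(0),
            "setuid": bool(perm & stat.S_ISUID),
            "setgid": bool(perm & stat.S_ISGID),
            "sticky": bool(perm & stat.S_ISVTX)}

def findings(st_mode):
    """Return review labels (names chosen for this example) for one mode."""
    m = split_mode(st_mode)
    is_dir = stat.S_ISDIR(st_mode)
    executable = "x" in m["owner"] + m["group"] + m["other"]
    out = []
    if not is_dir and executable:  # setuid/setgid act on programs
        if m["setuid"]:
            out.append("setuid-program")
        if m["setgid"]:
            out.append("setgid-program")
    if is_dir and m["setgid"]:
        out.append("setgid-dir")  # group inheritance, on some systems
    if "w" in m["other"]:
        if not is_dir:
            out.append("world-writable-file")
        elif not m["sticky"]:  # anyone may remove or rename others' files
            out.append("world-writable-dir-no-restricted-deletion")
    return out

def audit(entries):
    """Map each path that has at least one finding to its labels."""
    return {p: f for p, m in entries if (f := findings(m))}

if __name__ == "__main__":
    for path, labels in audit(SAMPLE).items():
        print(path, ", ".join(labels))
```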

In addition to the permissions listed above, there may be file
attributes specific to the file system, e.g., access control lists
(ACLs), whether a file is compressed, whether a file can be modified
(immutability), and whether a file can be dumped.  These are usually set
using programs specific to the file system.  For example:

ext2
     On GNU and GNU/Linux the file permissions ("attributes") specific
     to the ext2 file system are set using 'chattr'.

FFS
     On FreeBSD the file permissions ("flags") specific to the FFS file
     system are set using 'chflags'.

Although a file's permission "bits" allow an operation on that file,
that operation may still fail, because:

   * the file-system-specific permissions do not permit it;

   * the file system is mounted as read-only.

For example, if the immutable attribute is set on a file, it cannot
be modified, regardless of the fact that you may have just run 'chmod
a+w FILE'.