Notes - Computer Security MT24, Access control in UNIX


Flashcards

Describe how access control works in UNIX.


  • Each object is associated with a user, a group and an “other”
  • Each object has nine permission flags:
    • Read (r), write (w) and execute (x) (or s instead of x)
    • For each of user, group and other.
  • Each object belongs to one UID and one GID.
  • When a process requests access:
    • If its UID matches the object’s UID, the user permissions are used
    • If its GID matches the object’s GID, the group permissions are used
    • Otherwise, the other permissions are used

Explain the permissions on a file where ls -l shows drwxrws---.


  • d means that the file is a directory
  • rwx means that the owner has read, write and execute permissions (executing a folder means you can navigate into it)
  • rws means that the group owning the file can read, write and execute. The s instead of an x means that any user allowed to execute it will have their GID set to the owning group.
  • --- means that all other users cannot read, write or execute.


