GNU/Linux security model | جنو لينكس مصر

Submitted by Alaa on Sun, 19/12/2004 - 11:24.

( categories: )

Each file has an owner and belongs to a group.

Each running process has an owner and belongs to a group.

Users may belong to multiple groups.

at any session a user has an active group, and process she starts will inherit this active group.

each user has a default active group.

users may change the current active group using the commands newgrp and sg.

this security model is sufficient for most needs because GNU/Linux tries to represent everything as a file.

Each file has 3 sets of permissions that apply to different users, one set applies to the file owner, one applies to members of the file's group and the last set applies to anyone else.

in case one needs more some kernel modules offer Access Control Lists which provide more fine grained control.

Permission grid

	Read	Write	Execute	SetUID	SetGID	Sticky
file	Can read	can modify	Can execute	executed as if owner	executed as if were in that group	no effect
directory	can ls	can make new files and delete file	can cd to directory and access its files and subdirectories	no effect	new files get group & new dirs get setgid	only owners can delete files
alphabetical chmod	+r	+w	+x	u+s	g+s	o+t
numerical chmod	4	2	1	4000	2000	1000

Explain When and Why the kernel will need to be recompiled

GNU/Linux Vs. Microsoft

printer-friendly version | add new comment

حيث تأكل البطاريق الطعمية

Permission grid

Wiki

User login

Navigation

Upcoming events

Forum topics

Active forum topics:

New forum topics:

Latest Articles

Poll

Ranking Vote

Egyptian FOSS News

NewsForge

Linux Counter Egypt Statistics

Who's new

Who's online

Online users: