Read an Excerpt
From Chapter 3: Your UNIX Account
Protecting and Sharing Files
...UNIX makes it easy for users to share files and directories. Controlling exactly who has access takes some explaining, though--more explaining than we can do here. So here's a cookbook set of instructions. If you have critical security needs or you just want more information, see the references in Appendix A, Reading List.
Directory Access Permissions
A directory's access permissions help to control access to the files in it. These affect the overall ability to use files and subdirectories in the directory. (Once you have access to a directory, the ability to read or modify the contents of specific files is controlled by the file access permissions; see the second of the following two lists.)
In the commands below, replace dirname with the directory's pathname. An easy way to change permissions on the working directory is by using its relative pathname, . (dot), as in "chmod 755 .".
- To keep yourself from accidentally removing files (or adding or renaming files) in a directory, use chmod 555 dirname. To do the same, but also deny other users any access, use chmod 500 dirname.
- To protect the files in a directory and all its subdirectories from everyone else on your system--but still be able to do anything you want to do there--use chmod 700 dirname.
- To let other people on the system see what's in a directory--and read or edit the files if the file permissions let them--but not rename, remove, or add files--use chmod 755 dirname.
- To let people in your UNIX group add, delete, and rename files in a directory of yours--and read or edit other people's files if the file permissions let them--use chmod 775 dirname.
- To give full access to everyone on the system, use chmod 777 dirname.
File Access Permissions
The access permissions on a file control what can be done to the file's contents. The access permissions on the directory where the file is kept control whether the file can be renamed or removed.
- To make a private file that only you can edit, use chmod 600 filename. To protect it from accidental editing, use chmod 400 filename.
- To edit a file yourself, and let everyone else on the system read it without editing, use chmod 644 filename.
- To let you and all members of your UNIX group edit a file, but keep any other user from reading or editing it, use chmod 660 filename.
- To let nongroup users read but not edit the file, use chmod 664 filename.
- To let anyone read or edit the file, use chmod 666 filename.
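The two lists above can be checked after the fact. The following is an added example, not part of the book: a shell function that reports which entries under a directory carry the more permissive modes (777/666, or 775/664/660). The function name audit_perms, the output labels and the sample tree are made up for this illustration; the third check goes one step beyond the text by also testing the sticky bit, which the excerpt does not cover.

```shell
#!/bin/sh
# Added example (not from the book): report entries under a directory whose
# modes let someone other than the owner change them.
audit_perms() {
    audit_root=$1
    # "Other" write bit set, as with chmod 777 or chmod 666.
    find "$audit_root" ! -type l -perm -0002 -print | sort |
        sed 's/^/world-writable /'
    # Group write bit set but not "other" write, as with 775, 664 or 660.
    find "$audit_root" ! -type l -perm -0020 ! -perm -0002 -print | sort |
        sed 's/^/group-writable /'
    # World-writable directory without the sticky bit: any user can rename or
    # remove the files in it, whatever the files' own modes are.
    find "$audit_root" -type d -perm -0002 ! -perm -1000 -print | sort |
        sed 's/^/anyone-can-remove-files-in /'
}

# Constructed sample tree so the example runs offline.
sample=$(mktemp -d)
mkdir "$sample/shared" "$sample/private"
chmod 777 "$sample/shared"
chmod 700 "$sample/private"
: > "$sample/shared/notes";  chmod 400 "$sample/shared/notes"
: > "$sample/private/draft"; chmod 666 "$sample/private/draft"
: > "$sample/private/plan";  chmod 664 "$sample/private/plan"
audit_perms "$sample"
rm -rf "$sample"
```

In the sample tree, shared/notes has mode 400 yet sits in a 777 directory, so it appears only through the last check: its contents are protected, but the file itself can be renamed or removed by anyone.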
Most Linux systems have a command that gives you more choices on file and directory protection: chattr. chattr is being developed, and your version may not have all of the features that it will have in later versions of Linux. For instance, chattr can make a Linux file append-only (so it can't be overwritten, only added to); compressed (to save disk space automatically); immutable (so it can't be changed at all); undeletable, and more. Check your online documentation (type man chattr--see Chapter 7) or ask your system administrator for advice on your system.
I get the message "chmod: Not owner"
Only the owner of a file or directory can set its permissions. Use ls -l to find the owner.
When you log in to your system, you may see a notice that says "You have mail." Someone has sent you a message or document by electronic mail (email). With email, you can compose a message at your terminal and send it to another user or list of users. You can also read any messages that others may have sent to you.
Email has several advantages over paper mail: it's convenient if you're already logged in, it's delivered much more quickly, you can send it to any number of people almost as easily as to just one person, and the messages can be stored for later reference.
There are a lot of email programs for UNIX. Some UNIX systems have only an old, simple program named mail, which this book doesn't cover. Most UNIX systems have a Berkeley program called Mail (with an uppercase "M"), mailx, or just mail. A popular menu-driven program that's easier to learn is called pine. All programs' basic principles are the same, though. We'll cover the Berkeley mail program.
Your mail's recipient doesn't have to be logged in. The messages you send are stored in the recipient's "mailbox," a file deep in the UNIX filesystem (often located in the directory /usr/mail). Messages are kept there until the recipient logs in and decides to read them.
To send mail, give the address of each person you want to send a message to, like this:
mail address1 address2 ...
There are several kinds of addresses, too many to explain here. If you have questions, see one of the references in Appendix A or ask your system administrator or postmaster (the person who maintains your email system). The most common addresses have this syntax:
username is the person's username and hostname is the name of their computer. If the recipient reads email on the same computer you do, you may omit the @hostname. To keep a copy of your message, just add your username to the list of addresses...