< Previous | Contents | Next >
9 – Permissions
Operating systems in the Unix tradition differ from those in the MS-DOS tradition in that they are not only multitasking systems, but also multi-user systems, as well.
What exactly does this mean? It means that more than one person can be using the com- puter at the same time. While a typical computer will likely have only one keyboard and monitor, it can still be used by more than one user. For example, if a computer is attached to a network or the Internet, remote users can log in via ssh (secure shell) and operate the computer. In fact, remote users can execute graphical applications and have the graphical output appear on a remote display. The X Window System supports this as part of its basic design.
The multiuser capability of Linux is not a recent "innovation," but rather a feature that is deeply embedded into the design of the operating system. Considering the environment in which Unix was created, this makes perfect sense. Years ago, before computers were "personal," they were large, expensive, and centralized. A typical university computer system, for example, consisted of a large central computer located in one building and terminals which were located throughout the campus, each connected to the large central computer. The computer would support many users at the same time.
In order to make this practical, a method had to be devised to protect the users from each other. After all, the actions of one user could not be allowed to crash the computer, nor could one user interfere with the files belonging to another user.
In this chapter we are going to look at this essential part of system security and introduce the following commands:
● id – Display user identity
● chmod – Change a file's mode
● umask – Set the default file permissions
● su – Run a shell as another user
● sudo – Execute a command as another user
● chown – Change a file's owner
● chgrp – Change a file's group ownership
● passwd – Change a user's password