DEPARTMENT OF TECHNICAL EDUCATION

ANDHRA PRADESH
Name : Gandi Govinda Naidu
Designation : Head of Computer Engg Section
Branch : Computer Engg
Institute : Govt. Polytechnic for Women,

Bheemunipatnam
Year / Semester : III Semester
Subject : UNIX & C
Subject Code : CM-304
Topic : Basics of Unix
Duration : 50 Min
SubTopic : UNIX file protection methods
Teaching Aids : PPT, Animations, Photographs
CM304.8 1
 Recap

In previous period we learnt about

UNIX commands-like
-find
-diff
-comm
-banner
-wc

CM304.8 2
 Objectives

On completion of this period ,you would be able to

know
 Various UNIX file protection methods like
- chmod
- chgrp
- chown

CM304.8 3
 What is UNIX security?

UNIX can be considered as a very secured

operating system. UNIX provides security at the
following three levels.
a) Each user is assigned a login name and
password so that nobody can access the work of
others.
b) The directories and files of a user are
inaccessible to other users.

CM304.8 4
 Contd..
What is UNIX security?
c) There are read, write and execute permissions
for each file which decide who can access,
modify and execute a particular file.

d) Only the owner of the file (who has created) or

the system administrator can set and change
these permissions.

CM304.8 5
 Contd..
What is UNIX security?
e) A file encryption utility encodes your files into
the crypted format, so that even if someone gets
access to the file, they cannot read it. And only
when you want to read the contents of your file
you can decrypt it.

CM304.8 6
 Permissions : r w x of Ordinary files

 Every file in UNIX has a set of permissions

associated with it.
 The file permissions can be in terms of user,
group and others.
 Each of these three sets can be assigned a
read (r), write (w), execute (x) permissions.

CM304.8 7
 Permissions : r w x of Ordinary files
Contd..

 Read permission:
Data can be accessed from the file, but file
contents cannot be changed or erased.
 Write permission:
Addition, deletion, appending, insertion of
records or text from a file are permitted.
 Execute permission:
Valid only for binary executable files or shell
scripts. These files can be executed like
commands.
CM304.8 8
 Directory files

 Read permission:
It permits one to read contents of the directory
through ls or other command but does not
permit addition or removal of files or
subdirectories.
 Write permission:
It permits one to add or remove files or sub-
directories under the directory.

CM304.8 9
 Directory files
Contd..

 Execute permission:
It is possible to enter the directory through cd
command and search the directory or sub-
directories under it.

CM304.8 10
 UNIX Users

 There are three categories of UNIX users

- the owner who is the creator of the file or
directory, is called the user.

 The second type are the members of a group.

Each user is a member of a defined group
consisting of three or four users. A member in a
group can have access to files created by any
other member of the group.

CM304.8 11
 UNIX Users

 The third type of users are else other than the

group, the owner of the file but those using the
system.

These three categories are designated as

users(u),
group(g)
and others(o)

CM304.8 12
 File Permissions
 You “own” your files and directories
 user-group-other read/write permissions
-rw-r--r-- 1 jsmith staff 164870 27 Feb 17:58

6.bmp
-rw-r--r-- 1 jsmith staff 164870 27 Feb 17:57
5.bmp
-rw-r--r-- 1 jsmith staff 164870 27 Feb 17:57
4.5.bmp
-rw-r--r-- 1 jsmith staff 164870 27 Feb 17:57
4.bmp CM304.8 13
 File Permissions

chmod command changes permissions

chmod g-rw 6.bmp

-rw----r-- 1 jsmith staff 164870 27 Feb 17:58

6.bmp

CM304.8 14
 chown command

 Used to change individual ownership of a file.

 Owner of a file can be changed only by its owner
or superuser.
 Syntax is
$ chown owner file
where owner is the person to whom ownership is
to be given, file is the name of the file whose
ownership is transferred to other user.

CM304.8 15
 Contd..
chown command

example:
$ls –l salary
-rw-rw-rw- 1 nag 37 123 jan 14
10:33 salary
$chown jani salary
$ls –l salary
-rw-rw-rw- 1 jani 37 123 jan 14
10:33 salary
now jani has become the owner of the file.
CM304.8 16
 Contd..
chown Command

 Once the ownership of a file is given to a new

user then old owner cannot get back the
ownership of the file

 Unless the new owner decides and gives back

the ownership by chown command.

CM304.8 17
 The chmod command

 The chmod command is used to alter the set of

access permissions for a file.
 Only the owner of the file or superuser can alter
a file’s access permissions.
 The access permissions of a file can be changed
in two ways. They are symbolic mode and
absolute mode.
The symbolic mode:
Here the chmod command has the following
format:
$chmod [who] op-code file ..
CM304.8 18
 The chmod command Contd..

 The who part is a combination of the letters u

(for user’s permissions), g (group),o (for other
users) , and a (for all).
 For example go represents group and other, uo
represent user and other.
 The default is a if who is omitted.

CM304.8 19
 Contd..
The chmod command

 Op code indicates + to add permission to the

files mode. – to take away permission.
 The mode letters are r (read), w (write), x
(execute).
 These mode letters can be combined to indicate
the permissions.
 For example rw indicate a read and write
permission.
CM304.8 20
 chmod Examples
$ls –l salary
-rw-rw-rw- 1 nag 37 123 Jan 14 10:33 salary

$chmod u+x salary

-rwxrw-rw- 1 nag 37 123 Jan 14 10:33 salary

In this example we have given execute

permission to the user for the file salary.

CM304.8 21
 chmod Examples

$chmod go-w salary

-rwxr- - r- - 1 nag 37 123 Jan 14 10:33 salary

In this example we have taken write permission

from group and others for the file salary.

CM304.8 22
 Contd..
chmod Examples

Absolute mode:
The absolute format is based on octal numbers
representing the three kinds of access
permission. The octal values for read, write and
execute modes are:
read write execute
4 2 1

CM304.8 23
 The command format is

 $chmod mode file

where mode is a three digit number,
 first digit representing the permission mode for
user,
 second digit representing the permission mode
for the group and
 third digit representing the permission mode for
others. The individual digits as derived by adding
the octal values that correspond to the individual
types of permissions(that is read, write and
execute).
CM304.8 24
Example: Contd..
For giving all modes for all the types of users

User group others

r w x r w x r w x
4 2 1 4 2 1 4 2 1
7 7 7

octal value=777 for giving all modes to user,

read and execute mode for group and execute
permission for others .

CM304.8 25
 The command format is Contd..

User group others

r w x r w x r w x
4 2 1 4 - 1 - - 1
7 5 1
octal value=751
for giving all mode to user and no permission for
group and other

CM304.8 26
 The command format is Contd..

User group others

r w x r w x r w x
4 2 1
7 0 0

octal value=700
example

CM304.8 27
 Contd..
The command format is

$ls –l salary
-rwxrw-rw- 1 nag 37 123 Jan 14
10:33 salary
$chmod 600 salary
$ls – salary
-rw- - - - - - - 1 nag 37 123 Jan 14
10:33 salary

CM304.8 28
 The command format is Contd..

 The two main reasons to change the

permission mode for a specific file are:

a)To write protect files containing important

information so that we don’t accidentally
overwrite the file.
b)To deny others access for private and
important documents.

CM304.8 29
 The chgrp command

 The chgrp command is used to change the

group ownership of a file.
chgrp is possible if you are a member of
more than one group and you are working in
directories with different access permissions.
Syntax:
$chgrp group-id file
The group-id may be either a decimal GID or a
group name found in the /etc/group file.
CM304.8 30
 The chgrp command Contd..

Example:
$pwd
/usr/fac/jani
$ls –ld temp
drwxrwxrwx 1 jani 37 Jan 9 11:20 temp
$chgrp 38 temp
$ls –ld temp
drwxrwxrwx 1 jani 38 Jan 9 11:20 temp
Notice that the ls command given before chgrp
gives 37 as group-id and ls command given after
chgrp gives 38 as group-id.
CM304.8 31
 Summary

We have discussed about UNIX file protection

methods
 chmod
 chgrp
 chown

CM304.8 32
 Quiz

1.chgrp means change------

(a) root

(b) etc
(c) group
(d) none

CM304.8 33
 Quiz

1.chgrp means change------

(a) root

(b) etc
(c) group
(d) none

CM304.8 34
 Quiz

2.In UNIX chmod is used for file---

(a) copy

(b) move

(c) change

(d) protection

CM304.8 35
 Quiz

2.In UNIX chmod is used for file---

(a) copy

(b) move

(c) change

(d) protection

CM304.8 36
 Quiz

3.chown is used by --

(a) enduser
(b) manager

(c) @all

(d) owner
CM304.8 37
 Quiz

3.chown is used by --

(a) enduser
(b) manager

(c) @all

(d) owner
CM304.8 38
 Frequently asked questions

1. Explain chmod with examples.

2. Differentiate between chgrp and chown.

CM304.8 39