Differences

This shows you the differences between two versions of the page.

--- so:users_chmod:examples-en [2025/03/31 14:24]
jkonczak Translation page created
+++ so:users_chmod:examples-en [2025/03/31 14:24] (current)
jkonczak
@@ Line 1: / Line 1: @@
-====== examples-en ======
+==== id ====
+<html>
+<pre style="line-height:100%; margin:0">
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> whoami
+user
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> groups
+wheel users android
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> groups john
+android chromium
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> id
+uid=1005(user) gid=100(users) grupy=100(users),10(wheel),968(android)
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> id john
+uid=1234(john) gid=1001(chromium) grupy=1001(chromium),968(android)
+</pre>
+</html>
+==== su ====
+<html>
+<pre style="line-height:100%; margin:0">
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> su
+Password:
+<span style="font-weight:bold;color:#ff0000;">root&#64;host </span><span style="font-weight:bold;color:#5c5cff;">/home/user #</span> exit
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> su john
+Password:
+<span style="font-weight:bold;color:#7f7f7f;">[</span><span style="font-weight:bold;color:#808000;">host</span><span style="font-weight:bold;color:#00ffff;"> /home/user</span><span style="font-weight:bold;color:#7f7f7f;">]</span><span style="font-weight:bold;color:#808000;">$</span> exit
+exit
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> id
+uid=1005(user) gid=100(users) groups=100(users),10(wheel),968(android)
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> newgrp android
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> id
+uid=1005(user) gid=968(android) groups=968(android),10(wheel),100(users)
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> exit
+exit
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> su john
+Password:
+<span style="font-weight:bold;color:#7f7f7f;">[</span><span style="font-weight:bold;color:#808000;">host</span><span style="font-weight:bold;color:#00ffff;"> /home/user</span><span style="font-weight:bold;color:#7f7f7f;">]</span><span style="font-weight:bold;color:#808000;">$</span> sg android -c &apos;ps -H -o user,group,cmd -t `tty`&apos;
+USER     GROUP    CMD
+user     users    -bash
+root     users      su john
+john     chromium     bash
+root     chromium       sg android -c ps -H -o user,group,cmd -t `tty`
+john     android          ps -H -o user,group,cmd -t /dev/pts/11
+<span style="font-weight:bold;color:#7f7f7f;">[</span><span style="font-weight:bold;color:#808000;">host</span><span style="font-weight:bold;color:#00ffff;"> /home/user</span><span style="font-weight:bold;color:#7f7f7f;">]</span><span style="font-weight:bold;color:#808000;">$</span> exit
+exit
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span>
+</pre>
+Notice that every time a command such as <code>su</code>, <code>newgrp</code>, …
+is started, it launches a new process (a shell by default).
+</html>
+==== who ====
+<html>
+<pre style="line-height:100%; margin:0">
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> who
+user     tty2         2025-01-04 10:04 (:0)
+user     pts/0        2025-01-04 10:04 (:0)
+user     pts/1        2025-01-04 10:06 (:0)
+user     pts/2        2025-01-04 12:25 (:0)
+user     pts/4        2025-01-04 12:27 (:0)
+user     tty3         2025-01-04 14:54
+user     pts/6        2025-01-04 18:36 (:0)
+jane     pts/5        2025-01-04 13:43
+john     pts/3        2025-01-04 23:43
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> w
+:46:14 up 13:45,  9 users,  load average: 0.97, 0.66, 0.53
+USER     TTY        LOGIN&#64;   IDLE   JCPU   PCPU WHAT
+user     tty2      10:04   12:45m  0.00s  0.17s /usr/bin/startplasma-x11
+user     pts/0     10:04    2:21   0.95s  0.72s /bin/bash
+user     pts/1     10:06    2:04m  0.26s  0.06s alsamixer -c0
+user     pts/2     12:25    0.00s  0.23s  0.23s /bin/bash
+user     pts/4     12:27   54:13  10.42s 10.33s ssh root&#64;10.0.0.7
+user     tty3      14:54    8:52m  2:07    ?    xinit /etc/X11/xinit/xinitrc -- /etc/X11/xinit/xserverrc :1 -auth /tmp/serverauth.w8runSyQCb
+user     pts/6     18:36    3:26m  0.21s   ?    /usr/bin/less
+jane     pts/5     13:43    2:22   0.80s  0.52s top
+john     pts/3     23:43    2:27   0.23s  0.01s /usr/lib/python-exec/python3.12/python
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> last -n 3 user
+user     tty3                          Sat Jan  4 14:54   still logged in
+user     pts/9                         Sat Jan  4 20:05 - 09:13 (5+13:08)
+user     pts/1        :0               Thu Jan  2 10:05 - 10:21  (00:15)
+wtmp begins Mon Dec 31 23:59:59 2024
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> last -n 7
+john     pts/3                         Sat Jan  4 23:43   still logged in
+user     tty3                          Sat Jan  4 14:54   still logged in
+jane     pts/3                         Sat Jan  4 13:43   still logged in
+user     pts/9                         Sat Jan  4 20:05 - 09:13 (2+13:08)
+user     pts/1        :0               Thu Jan  2 10:05 - 10:21  (00:15)
+user     pts/17       :0               Wed Jan  1 22:10 - 22:37  (00:26)
+reboot   system boot  6.8.8            Wed Jan  1 22:08   still running
+user     pts/16       :0               Wed Jan  1 12:10 - 12:37  (00:26)
+wtmp begins Mon Dec 31 23:59:59 2024
+</pre>
+</html>
+==== umask ====
+<html>
+<pre style="line-height:100%; margin:0">
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> umask
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> mkdir d_zero-two-two
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> touch f_zero-two-two
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> umask 027
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> mkdir d_zero-two-seven
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> touch f_zero-two-seven
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> umask 421
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> mkdir d_four-two-one
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> touch f_four-two-one
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> ls -ltr
+drwxr-xr-x 2 user users  4096 Jan 04 00:01 <span style="font-weight:bold;color:#5c5cff;">d_zero-two-two</span>
+-rw-r--r-- 1 user users     0 Jan 04 00:02 f_zero-two-two
+drwxr-x--- 2 user users  4096 Jan 04 00:03 <span style="font-weight:bold;color:#5c5cff;">d_zero-two-seven</span>
+-rw-r----- 1 user users     0 Jan 04 00:04 f_zero-two-seven
+d-wxr-xrw- 2 user users  4096 Jan 04 00:05 <span style="color:#0000ee;"></span><span style="color:#0000ee;background-color:#00cd00;">d_four-two-one</span>
+--w-r--rw- 1 user users     0 Jan 04 00:06 f_four-two-one
+</pre>
+</html>
+==== chmod ====
+<html>
+<pre style="line-height:100%; margin:0">
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> ls -l butterflies.txt
+<b>-rw-r--r--</b> 1 <b>user users</b> 55 Jan 04 12:00 <span style="color:#00cd00;">butterflies.txt</span>
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> stat butterflies.txt
+  File: butterflies.txt
+  Size: 55              Blocks: 8          IO Block: 4096   regular file
+Device: 254,3   Inode: 15466579    Links: 1
+Access: (<b>0644</b>/<b>-rw-r--r--</b>)  Uid: ( <b>1005</b>/    <b>user</b>)   Gid: (  <b>100</b>/   <b>users</b>)
+Access: 2025-01-04 12:00:00.000000000 +0100
+Modify: 2025-01-04 12:00:00.000000000 +0100
+Change: 2025-01-04 12:00:00.000000000 +0100
+ Birth: 2025-01-04 12:00:00.000000000 +0100
+</pre>
+Permissions are shown in the symbolic notation as a part of the <code>ls -l</code>
+output, and both in the symbolic notation and in the octal notation in the output
+of the <code>stat</code> command.
+</html>
+\\
+<html>
+The following three examples set the same permissions by use of different
+mode arguments provided to the <code>chmod</code> command:
+<pre style="line-height:100%; margin:0">
+<span style="opacity:0.5"><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> stat butterflies.txt | sed -n &apos;4p&apos;
+Access: (</span>0644/-rw-r--r--<span style="opacity:0.5">)  Uid: ( 1005/    user)   Gid: (  100/   users)</span>
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> chmod g+w butterflies.txt
+<span style="opacity:0.5"><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> stat butterflies.txt | sed -n &apos;4p&apos;
+Access: (</span>0664/-rw-rw-r--<span style="opacity:0.5">)  Uid: ( 1005/    user)   Gid: (  100/   users)</span>
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> chmod ug+x butterflies.txt
+<span style="opacity:0.5"><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> stat butterflies.txt | sed -n &apos;4p&apos;
+Access: (</span>0774/-rwxrwxr--<span style="opacity:0.5">)  Uid: ( 1005/    user)   Gid: (  100/   users)</span>
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> chmod o-r butterflies.txt
+<span style="opacity:0.5"><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> stat butterflies.txt | sed -n &apos;4p&apos;
+Access: (</span>0770/-rwxrwx---<span style="opacity:0.5">)  Uid: ( 1005/    user)   Gid: (  100/   users)</span>
+</pre>
+</html>
+<html>
+<pre style="line-height:100%; margin:0">
+<span style="opacity:0.5"><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> stat field.txt | sed -n &apos;4p&apos;
+Access: (</span>0644/-rw-r--r--<span style="opacity:0.5">)  Uid: ( 1005/    user)   Gid: (  100/   users)</span>
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> chmod ug+x,g+w,o-r field.txt
+<span style="opacity:0.5"><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> stat field.txt | sed -n &apos;4p&apos;
+Access: (</span>0770/-rwxrwx---<span style="opacity:0.5">)  Uid: ( 1005/    user)   Gid: (  100/   users)</span>
+</pre>
+</html>
+<html>
+<pre style="line-height:100%; margin:0">
+<span style="opacity:0.5"><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> stat pause.txt | sed -n &apos;4p&apos;
+Access: (</span>0644/-rw-r--r--<span style="opacity:0.5">)  Uid: ( 1005/    user)   Gid: (  100/   users)</span>
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> chmod 770 pause.txt
+<span style="opacity:0.5"><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> stat pause.txt | sed -n &apos;4p&apos;
+Access: (</span>0770/-rwxrwx---<span style="opacity:0.5">)  Uid: ( 1005/    user)   Gid: (  100/   users)</span>
+</pre>
+</html>
+<html>
+<code>chmod</code> allows omitting <code>ugo</code> in the symbolic notation, and
+in such case it performs each of the changes for user, group and others, unless
+the mask (<code>umask</code>) disables the mode bit in question:
+<pre style="line-height:100%; margin:0">
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> chmod 0 rain.txt
+<span style="opacity:0.5"><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> stat rain.txt | sed -n &apos;4p&apos;
+Access: (</span>0000/----------<span style="opacity:0.5">)  Uid: ( 1005/    user)   Gid: (  100/   users)
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> umask
+</span>
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> chmod +rw rain.txt
+<span style="opacity:0.5"><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> stat rain.txt | sed -n &apos;4p&apos;
+Access: (</span>0644/-rw-r--r--<span style="opacity:0.5">)  Uid: ( 1005/    user)   Gid: (  100/   users)</span>
+</pre>
+</html>
+<html>
+Special permission bits in the symbolic notation are displayed as the letter
+<code>s/S</code> and <code>t/T</code> on the appropriate positions; capitalization
+indicates whether the execute permission veiled by the special permission is
+unset.
+<pre style="line-height:100%; margin:0">
+<span style="opacity:0.5"><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> stat smell.txt | sed -n &apos;4p&apos;
+Access: (</span>0644/-rw-r--r--<span style="opacity:0.5">)  Uid: ( 1005/    user)   Gid: (  100/   users)</span>
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> chmod g+s,o= smell.txt
+<span style="opacity:0.5"><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> stat smell.txt | sed -n &apos;4p&apos;
+Access: (</span>2640/-rw-r-S---<span style="opacity:0.5">)  Uid: ( 1005/    user)   Gid: (  100/   users)</span>
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> chmod g+x smell.txt
+<span style="opacity:0.5"><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> stat smell.txt | sed -n &apos;4p&apos;
+Access: (</span>2650/-rw-r-s---<span style="opacity:0.5">)  Uid: ( 1005/    user)   Gid: (  100/   users)</span>
+</pre>
+</html>
+==== ugo ====
+<html>
+<pre style="line-height:100%; margin:0">
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> chmod 077 butterflies.txt
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> chmod 707 field.txt
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> chmod 770 pause.txt
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> chgrp android field.txt
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> ls -l
+total 24
+----rwxrwx 1 user users     55 Jan 04 12:00 <span style="font-weight:bold;color:#00ff00;">butterflies.txt</span>
+-rwx---rwx 1 user android   82 Jan 04 12:00 <span style="font-weight:bold;color:#00ff00;">field.txt</span>
+-rwxrwx--- 1 user users     85 Jan 04 12:00 <span style="font-weight:bold;color:#00ff00;">pause.txt</span>
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> cat butterflies.txt
+cat: butterflies.txt: Permission denied
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/perms $</span> su john
+Password:
+<span style="font-weight:bold;color:#7f7f7f;">[</span><span style="font-weight:bold;color:#808000;">host</span><span style="font-weight:bold;color:#00ffff;"> /home/user/perms</span><span style="font-weight:bold;color:#7f7f7f;">]</span><span style="font-weight:bold;color:#808000;">$</span> groups
+android chromium
+<span style="font-weight:bold;color:#7f7f7f;">[</span><span style="font-weight:bold;color:#808000;">host</span><span style="font-weight:bold;color:#00ffff;"> /home/user/perms</span><span style="font-weight:bold;color:#7f7f7f;">]</span><span style="font-weight:bold;color:#808000;">$</span> cat field.txt
+cat: field.txt: Permission denied
+<span style="font-weight:bold;color:#7f7f7f;">[</span><span style="font-weight:bold;color:#808000;">host</span><span style="font-weight:bold;color:#00ffff;"> /home/user/perms</span><span style="font-weight:bold;color:#7f7f7f;">]</span><span style="font-weight:bold;color:#808000;">$</span> cat pause.txt
+cat: pause.txt: Permission denied
+</pre>
+Notice that e.g., when the user <code>john</code> that belongs to the grup
+<code>android</code> accesses the file <code>field.txt</code>, only the
+permissions for the group are considered – the user cannot access the file
+even though "others" can.
+</html>
+==== dir_no_read ====
+<html>
+<pre style="line-height:100%; margin:0">
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> mkdir lights_off
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> chmod 333 lights_off
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> ls lights_off
+ls: cannot open directory &apos;lights_off&apos;: Permission denied
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> fortune &gt; lights_off/lego
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> cd lights_off
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/lights_off $</span> cat lego
+You can be sure of succeding in your attacks if you only attack places which are undefended
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/lights_off $</span> ls -l .
+ls: cannot open directory &apos;.&apos;: Permission denied
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/lights_off $</span> ls -l ghost
+ls: cannot access &apos;ghost&apos;: No such file or directory
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/lights_off $</span> ls -l lego
+-rw-r--r-- 1 user users 92 Jan 04 12:00 lego
+</pre>
+</html>
+==== dir_create_remove ====
+<html>
+<p style="margin:0">
+To create or remove entries (this includes any file type, e.g., ordinary files
+and directories) in a directory, it suffices to have execute and write access
+to the directory.
+The special "sticky bit" permission additionally forbids removing files by users
+that neither own the file to be removed nor the directory from which the file is
+to be removed.
+</p>
+<pre style="line-height:100%; margin:0">
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> chgrp android ffa
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> chmod g+w ffa
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> cd ffa
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/ffa $</span> touch user_file
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/ffa $</span> su john
+Password:
+<span style="font-weight:bold;color:#7f7f7f;">[</span><span style="font-weight:bold;color:#808000;">host</span><span style="font-weight:bold;color:#00ffff;"> /home/user/ffa</span><span style="font-weight:bold;color:#7f7f7f;">]</span><span style="font-weight:bold;color:#808000;">$</span> id
+uid=1234(john) gid=1001(chromium) groups=1001(chromium),968(android)
+<span style="font-weight:bold;color:#7f7f7f;">[</span><span style="font-weight:bold;color:#808000;">host</span><span style="font-weight:bold;color:#00ffff;"> /home/user/ffa</span><span style="font-weight:bold;color:#7f7f7f;">]</span><span style="font-weight:bold;color:#808000;">$</span> mkdir john_empty_dir john_dir
+<span style="font-weight:bold;color:#7f7f7f;">[</span><span style="font-weight:bold;color:#808000;">host</span><span style="font-weight:bold;color:#00ffff;"> /home/user/ffa</span><span style="font-weight:bold;color:#7f7f7f;">]</span><span style="font-weight:bold;color:#808000;">$</span> touch john_file1 john_file2 john_file3 john_dir/file
+<span style="font-weight:bold;color:#7f7f7f;">[</span><span style="font-weight:bold;color:#808000;">host</span><span style="font-weight:bold;color:#00ffff;"> /home/user/ffa</span><span style="font-weight:bold;color:#7f7f7f;">]</span><span style="font-weight:bold;color:#808000;">$</span> exit
+exit
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/ffa $</span> su jane
+Password:
+<span style="font-weight:bold;color:#ff00ff;">jane</span>&#64;<span style="font-weight:bold;color:#00ff00;">host</span><span style="font-weight:bold;color:#5c5cff;"> /home/user/ffa $</span> touch jane_file
+<span style="font-weight:bold;color:#ff00ff;">jane</span>&#64;<span style="font-weight:bold;color:#00ff00;">host</span><span style="font-weight:bold;color:#5c5cff;"> /home/user/ffa $</span> tree -pug
+[drwxrwxr-x user     android ]  <span style="font-weight:bold;color:#5c5cff;">.</span>
+├── [-rw-r--r-- jane     android ]  jane_file
+├── [drwxr-xr-x john     chromium]  <span style="font-weight:bold;color:#5c5cff;">john_dir</span>
+│   └── [-rw-r--r-- john     chromium]  file
+├── [drwxr-xr-x john     chromium]  <span style="font-weight:bold;color:#5c5cff;">john_empty_dir</span>
+├── [-rw-r--r-- john     chromium]  john_file1
+├── [-rw-r--r-- john     chromium]  john_file2
+├── [-rw-r--r-- john     chromium]  john_file3
+└── [-rw-r--r-- user     users   ]  user_file
+directories, 6 files
+<span style="font-weight:bold;color:#ff00ff;">jane</span>&#64;<span style="font-weight:bold;color:#00ff00;">host</span><span style="font-weight:bold;color:#5c5cff;"> /home/user/ffa $</span> rm -f user_file
+<span style="font-weight:bold;color:#ff00ff;">jane</span>&#64;<span style="font-weight:bold;color:#00ff00;">host</span><span style="font-weight:bold;color:#5c5cff;"> /home/user/ffa $</span> rm -f john_file1
+<span style="font-weight:bold;color:#ff00ff;">jane</span>&#64;<span style="font-weight:bold;color:#00ff00;">host</span><span style="font-weight:bold;color:#5c5cff;"> /home/user/ffa $</span> rm -rf john_empty_dir
+<span style="font-weight:bold;color:#ff00ff;">jane</span>&#64;<span style="font-weight:bold;color:#00ff00;">host</span><span style="font-weight:bold;color:#5c5cff;"> /home/user/ffa $</span> rm -rf john_dir
+rm: cannot remove &apos;john_dir/file&apos;: Permission denied
+<span style="font-weight:bold;color:#ff00ff;">jane</span>&#64;<span style="font-weight:bold;color:#00ff00;">host</span><span style="font-weight:bold;color:#5c5cff;"> /home/user/ffa $</span> tree -pug
+[drwxrwxr-x user     android ]  <span style="font-weight:bold;color:#5c5cff;">.</span>
+├── [-rw-r--r-- jane     android ]  jane_file
+├── [drwxr-xr-x john     chromium]  <span style="font-weight:bold;color:#5c5cff;">john_dir</span>
+│   └── [-rw-r--r-- john     chromium]  file
+├── [-rw-r--r-- john     chromium]  john_file2
+└── [-rw-r--r-- john     chromium]  john_file3
+directories, 4 files
+<span style="font-weight:bold;color:#ff00ff;">jane</span>&#64;<span style="font-weight:bold;color:#00ff00;">host</span><span style="font-weight:bold;color:#5c5cff;"> /home/user/ffa $</span> exit
+exit
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/ffa $</span> chmod o+t .
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/ffa $</span> su jane
+Password:
+<span style="font-weight:bold;color:#ff00ff;">jane</span>&#64;<span style="font-weight:bold;color:#00ff00;">host</span><span style="font-weight:bold;color:#5c5cff;"> /home/user/ffa $</span> rm -f jane_file
+<span style="font-weight:bold;color:#ff00ff;">jane</span>&#64;<span style="font-weight:bold;color:#00ff00;">host</span><span style="font-weight:bold;color:#5c5cff;"> /home/user/ffa $</span> rm -f john_file2
+rm: cannot remove &apos;john_file2&apos;: Operation not permitted
+<span style="font-weight:bold;color:#ff00ff;">jane</span>&#64;<span style="font-weight:bold;color:#00ff00;">host</span><span style="font-weight:bold;color:#5c5cff;"> /home/user/ffa $</span> exit
+exit
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/ffa $</span> rm -f john_file2
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/ffa $</span> chmod go=rx .
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~/ffa $</span> su john
+Password:
+<span style="font-weight:bold;color:#7f7f7f;">[</span><span style="font-weight:bold;color:#808000;">host</span><span style="font-weight:bold;color:#00ffff;"> /home/user/ffa</span><span style="font-weight:bold;color:#7f7f7f;">]</span><span style="font-weight:bold;color:#808000;">$</span> tree -pug
+[drwxr-xr-x user     android ]  <span style="color:#e5e5e5;"></span><span style="font-weight:bold;color:#5c5cff;">.</span>
+├── [drwxr-xr-x john     chromium]  <span style="font-weight:bold;color:#5c5cff;">john_dir</span>
+│   └── [-rw-r--r-- john     chromium]  file
+└── [-rw-r--r-- john     chromium]  john_file3
+directories, 2 files
+<span style="font-weight:bold;color:#7f7f7f;">[</span><span style="font-weight:bold;color:#808000;">host</span><span style="font-weight:bold;color:#00ffff;"> /home/user/ffa</span><span style="font-weight:bold;color:#7f7f7f;">]</span><span style="font-weight:bold;color:#808000;">$</span> rm john_file3
+rm: cannot remove &apos;john_file3&apos;: Permission denied
+</pre>
+</html>
+==== write_only ====
+<html>
+<pre style="line-height:100%; margin:0">
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> touch incoming
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> chmod 422 incoming
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> cat incoming
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> echo &quot;hello&quot; &gt;  incoming
+-bash: incoming: Permission denied
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> su jane
+Password:
+<span style="font-weight:bold;color:#ff00ff;">jane</span>&#64;<span style="font-weight:bold;color:#00ff00;">host</span><span style="font-weight:bold;color:#5c5cff;"> /home/user $</span> cat incoming
+cat: incoming: Permission denied
+<span style="font-weight:bold;color:#ff00ff;">jane</span>&#64;<span style="font-weight:bold;color:#00ff00;">host</span><span style="font-weight:bold;color:#5c5cff;"> /home/user $</span> echo &quot;hello&quot; &gt;  incoming
+<span style="font-weight:bold;color:#ff00ff;">jane</span>&#64;<span style="font-weight:bold;color:#00ff00;">host</span><span style="font-weight:bold;color:#5c5cff;"> /home/user $</span> echo &quot;user!&quot; &gt;&gt; incoming
+<span style="font-weight:bold;color:#ff00ff;">jane</span>&#64;<span style="font-weight:bold;color:#00ff00;">host</span><span style="font-weight:bold;color:#5c5cff;"> /home/user $</span> exit
+exit
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> cat incoming
+hello
+user!
+</pre>
+</html>
+==== suid_sgid ====
+<html>
+<p style="margin:0">
+Suid and sgid cause the executable to be run as a different user/group by changing
+the effective user/group identifier (euid/egid) to that of the file.
+</p>
+<pre style="line-height:100%; margin:0"><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> pygmentize prog.c
+<span style="color:#af005f;">int</span><span style="color:#bcbcbc;"> </span><span style="color:#0000ff;">main</span>(<span style="color:#af005f;">int</span>,<span style="color:#bcbcbc;"> </span><span style="color:#af005f;">char</span><span style="color:#bcbcbc;"> </span><span style="color:#626262;">**</span>a)<span style="color:#bcbcbc;"> </span>{
+<span style="color:#bcbcbc;">  </span><span style="color:#af005f;">char</span><span style="color:#bcbcbc;"> </span><span style="color:#626262;">*</span>name;
+<span style="color:#bcbcbc;">  </span>asprintf(<span style="color:#626262;">&amp;</span>name,<span style="color:#bcbcbc;"> </span><span style="color:#af0000;">&quot;%s.txt&quot;</span>,<span style="color:#bcbcbc;"> </span>a[<span style="color:#626262;">0</span>]);
+<span style="color:#bcbcbc;">  </span><span style="color:#af005f;">int</span><span style="color:#bcbcbc;"> </span>file<span style="color:#bcbcbc;"> </span><span style="color:#626262;">=</span><span style="color:#bcbcbc;"> </span>creat(name,<span style="color:#bcbcbc;"> </span><span style="color:#626262;">0644</span>);
+<span style="color:#bcbcbc;">  </span>free(name);
+<span style="color:#bcbcbc;">  </span>write(file,<span style="color:#bcbcbc;"> </span><span style="color:#af0000;">&quot;Hello</span><span style="font-weight:bold;color:#af5f00;">\n</span><span style="color:#af0000;">&quot;</span>,<span style="color:#bcbcbc;"> </span><span style="color:#626262;">6</span>);
+<span style="color:#bcbcbc;">  </span>close(file);
+<span style="color:#bcbcbc;">  </span>execlp(<span style="color:#af0000;">&quot;id&quot;</span>,<span style="color:#bcbcbc;"> </span><span style="color:#af0000;">&quot;id&quot;</span>,<span style="color:#bcbcbc;"> </span><span style="color:#626262;">0</span>);
+<span style="color:#bcbcbc;">  </span><span style="font-weight:bold;color:#008700;">return</span><span style="color:#bcbcbc;"> </span><span style="color:#626262;">1</span>;
+}
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> gcc -w -ansi ./prog.c -o prog
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> su
+Password:
+<span style="font-weight:bold;color:#ff0000;">root&#64;host </span><span style="font-weight:bold;color:#5c5cff;">/home/user #</span> cp prog prog-suid
+<span style="font-weight:bold;color:#ff0000;">root&#64;host </span><span style="font-weight:bold;color:#5c5cff;">/home/user #</span> cp prog prog-sgid
+<span style="font-weight:bold;color:#ff0000;">root&#64;host </span><span style="font-weight:bold;color:#5c5cff;">/home/user #</span> cp prog prog-none
+<span style="font-weight:bold;color:#ff0000;">root&#64;host </span><span style="font-weight:bold;color:#5c5cff;">/home/user #</span> chown daemon:man prog-*
+<span style="font-weight:bold;color:#ff0000;">root&#64;host </span><span style="font-weight:bold;color:#5c5cff;">/home/user #</span> chmod u+s prog-suid
+<span style="font-weight:bold;color:#ff0000;">root&#64;host </span><span style="font-weight:bold;color:#5c5cff;">/home/user #</span> chmod g+s prog-sgid
+<span style="font-weight:bold;color:#ff0000;">root&#64;host </span><span style="font-weight:bold;color:#5c5cff;">/home/user #</span> exit
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> stat prog-* | awk &apos;/F/{f=$0}/)/{print f &quot;\t&quot; $0}&apos;
+  File: prog-none       Access: (0755/-rwxr-xr-x)  Uid: (    2/  daemon)   Gid: (   15/     man)
+  File: prog-sgid       Access: (2755/-rwxr-sr-x)  Uid: (    2/  daemon)   Gid: (   15/     man)
+  File: prog-suid       Access: (4755/-rwsr-xr-x)  Uid: (    2/  daemon)   Gid: (   15/     man)
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> chmod go+w .
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> ./prog-none
+uid=1005(user) gid=100(users) groups=100(users),10(wheel),968(android)
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> ./prog-suid
+uid=1005(user) gid=100(users) euid=2(daemon) groups=100(users),10(wheel),968(android)
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> ./prog-sgid
+uid=1005(user) gid=100(users) egid=15(man) groups=15(man),10(wheel),100(users),968(android)
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> stat prog-*.txt | awk &apos;/F/{f=$0}/)/{print f &quot;\t&quot; $0}&apos;
+  File: prog-none.txt   Access: (0644/-rw-r--r--)  Uid: ( 1005/    user)   Gid: (  100/   users)
+  File: prog-sgid.txt   Access: (0644/-rw-r--r--)  Uid: ( 1005/    user)   Gid: (   15/     man)
+  File: prog-suid.txt   Access: (0644/-rw-r--r--)  Uid: (    2/  daemon)   Gid: (  100/   users)
+<span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> ls -ltr prog-*
+-rwsr-xr-x 1 daemon man   15680 Jan 04 12:01 <span style="color:#e5e5e5;"></span><span style="color:#e5e5e5;background-color:#cd0000;">prog-suid</span>
+-rwxr-sr-x 1 daemon man   15680 Jan 04 12:02 <span style="color:#000000;"></span><span style="color:#000000;background-color:#cdcd00;">prog-sgid</span>
+-rwxr-xr-x 1 daemon man   15680 Jan 04 12:03 <span style="font-weight:bold;color:#00ff00;">prog-none</span>
+-rw-r--r-- 1 user   users     6 Jan 04 12:04 <span style="color:#00cd00;">prog-none.txt</span>
+-rw-r--r-- 1 user   man       6 Jan 04 12:05 <span style="color:#00cd00;">prog-sgid.txt</span>
+-rw-r--r-- 1 daemon users     6 Jan 04 12:06 <span style="color:#00cd00;">prog-suid.txt</span>
+</pre>
+</html>
+==== touch ====
+<html>
+<pre style="line-height:100%; margin:0">
+<span style="font-weight:bold;color:#7f7f7f;"></span><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> stat essay.odt
+  File: essay.odt
+  Size: 73414           Blocks: 144        IO Block: 4096   regular file
+Device: 254,3   Inode: 15466607    Links: 1
+Access: (0644/-rw-r--r--)  Uid: ( 1005/    user)   Gid: (  100/   users)
+Access: 2025-01-02 12:00:00.000000000 +0100
+Modify: 2025-01-01 12:00:00.000000000 +0100
+Change: 2025-01-02 12:00:00.000000000 +0100
+ Birth: 2025-01-01 12:00:00.000000000 +0100
+<span style="font-weight:bold;color:#7f7f7f;"></span><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> ls -l essay.odt
+-rw-r--r-- 1 user users 73414 Jan  1 12:00 essay.odt
+<span style="font-weight:bold;color:#7f7f7f;"></span><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> touch -d &apos;2025-01-03 12:34&apos; essay.odt
+<span style="font-weight:bold;color:#7f7f7f;"></span><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> stat essay.odt
+  File: essay.odt
+  Size: 73414           Blocks: 144        IO Block: 4096   regular file
+Device: 254,3   Inode: 15466607    Links: 1
+Access: (0644/-rw-r--r--)  Uid: ( 1005/    user)   Gid: (  100/   users)
+Access: 2025-01-03 12:34:00.000000000 +0100
+Modify: 2025-01-03 12:34:00.000000000 +0100
+Change: 2025-01-05 12:00:00.000000000 +0100
+ Birth: 2025-01-01 12:00:00.000000000 +0100
+<span style="font-weight:bold;color:#7f7f7f;"></span><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> ls -l essay.odt
+-rw-r--r-- 1 user users 73414 Jan  3 12:34 essay.odt
+<span style="font-weight:bold;color:#7f7f7f;"></span><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> touch -a -d &apos;yesterday 6pm&apos; essay.odt
+<span style="font-weight:bold;color:#7f7f7f;"></span><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> stat essay.odt
+  File: essay.odt
+  Size: 73414           Blocks: 144        IO Block: 4096   regular file
+Device: 254,3   Inode: 15466607    Links: 1
+Access: (0644/-rw-r--r--)  Uid: ( 1005/    user)   Gid: (  100/   users)
+Access: 2025-01-04 18:00:00.000000000 +0100
+Modify: 2025-01-03 12:34:00.000000000 +0100
+Change: 2025-01-05 12:00:00.000000000 +0100
+ Birth: 2025-01-01 12:00:00.000000000 +0100
+<span style="font-weight:bold;color:#7f7f7f;"></span><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> ls -l essay.odt
+-rw-r--r-- 1 user users 73414 Jan  3 12:34 essay.odt
+<span style="font-weight:bold;color:#7f7f7f;"></span><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> date
+Sun Jan  5 12:00:00 CET 2025
+<span style="font-weight:bold;color:#7f7f7f;"></span><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> touch essay.odt
+<span style="font-weight:bold;color:#7f7f7f;"></span><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> stat essay.odt
+  File: essay.odt
+  Size: 73414           Blocks: 144        IO Block: 4096   regular file
+Device: 254,3   Inode: 15466607    Links: 1
+Access: (0644/-rw-r--r--)  Uid: ( 1005/    user)   Gid: (  100/   users)
+Access: 2025-01-05 12:00:00.000000000 +0100
+Modify: 2025-01-05 12:00:00.000000000 +0100
+Change: 2025-01-05 12:00:00.000000000 +0100
+ Birth: 2025-01-01 12:00:00.000000000 +0100
+<span style="font-weight:bold;color:#7f7f7f;"></span><span style="font-weight:bold;color:#00ff00;">user&#64;host</span><span style="font-weight:bold;color:#5c5cff;"> ~ $</span> ls -l essay.odt
+-rw-r--r-- 1 user users 73414 Jan  5 12:01 essay.odt
+</pre>
+Notice that the change date, which represents the date when metadata has been
+changed most recently, does get updated on each metadata change, which includes
+changing the file dates.
+</html>

Jan Kończak

User Tools

Site Tools

Differences

Page Tools