as mentioned above there are 3 sections to the permissions for an example which may be easier to understand here is how it is broken down
say root is the owner/user of the file
say video is the group
and then as mentioned there is the world/other section which covers anyone that doesn't fit in the first two.
Now if the file has permissions like
Read/Write for root
Read for the group video with user1 as a member of that group
and none for world/other
Then the root user would have full read write control over the file.
Any user in the video group (user1) would have read permissions but would not have access to modify the file.
Anyone else would not even be able to view the contents of the file.
as mentioned sudo chmod can be used to change the permissions of a file. Usage of chmod is too large to explain here but a simple breakdown is like this:
u is for user,
g is for group,
and o is for others.
r is for read permission,
w is for write permission,
x is for execute permission.
so if you wanted to set a file so that the user/owner of the file can have full access and you wanted the group to have read and be able to execute the file (such as a script) and you wanted everyone else only be able to execute the file the command would be:
sudo chmod u+rwx, g+rx, o+x /path/filename
to remove a permission you just use a minus instead of the plus... so if you decided that you didn't want "world/other" to be able to execute that file you would just use
sudo chmod o-x /path/filename
You will also see numbers used at times and I would actually have to look those up but basically I know that 7 is full permissions so if you did:
sudo chmod 777 /path/filename
it would set the permissions to read write execute for user (first seven) group (second 7) and world/other (third 7).
There is also a recursive code (-R note the capitalization it must be uppercase) .. if you wanted to change all the files in one directory and its sub-directories (be careful with this command because if you type the wrong path you can set permissions for files you may not want to touch) but it would look something like this:
sudo chmod -R 777 /home/user/blah
this would change the permissions for the folder blah, all the files and all its sub-directories and files to have full read/write/execute for anyone.
Hope this gives you a better understanding of chmod and permissions. If you need more you can just do a search on chmod commands and you should find the information you need
Best Answer
The
s
inrws
stands forsetuid
meaning set user ID. This is a special permission bit that allows the program, when run by any user, to be run with the effective UID of the owner, in this case, root. So when you as a normal user run thesudo
executable, you effectively do so as root. This permission bit is a security risk, and should only be applied where absolutely necessary.Explanation of the
setuid
bit from The Linux Command Line by William E. Shotts Jr:The second
root
in the listing is the group that owns the file, and yes, only the user root is in the group root:Here's an example of a file that has different user and group ownership:
This means that the file can be read and written to only by root, but members of the group shadow may also read the file.