cancel
Showing results for 
Search instead for 
Did you mean: 

File Permissions CHMOD

N/A

File Permissions CHMOD

Below you will see my chmod program. I am happy that I understand the last 9 permissions, however I have no idea what the first 3 selections are.

I am trying to change permissions on my server to allow ftp access, at the moment it is just read only. I need people to be able to upload and download items from my server.

I understand that the last 3 figures should be 777 which would indicate a "free for all" allowing anyone to download or upload to the server, but how should I set the first 3 parameters?

If anyone can explain file permissions to me I would be very greatful.



(Happy Birthday to me Tongue )
9 REPLIES
Community Veteran
Posts: 14,469
Registered: 30-07-2007

File Permissions CHMOD

Leave the first 3 blank, they are special settings which are not required for normal directory/file access. Unless you are familiar with UNIX file permissions and program execution, the settings will probably make no sense to you. If you really want to know, use man chmod to view the manual page for the command at a $ prompt.

The first 2 set the owner and group to either the owner and/or group that the program is assigned to before executing a program. It basically allows you to run programs as if you were someone else.

The third, sticky bit, you don't need to know about as it is very rarely used and is not required for your purposes.
N/A

File Permissions CHMOD

Thanks Peter

So If I leave the first 3 blank and check the rest of them I should have a file permission reading of 100777, which would indicate a 777 permission and give the access that I require ? Shockedops:
N/A

File Permissions CHMOD

Also .........................

Do I have to change the file permissions for the directory/folder or just the files that are contained in there? If I could make the directory/folder 777 it would save me having to change the permissions on every single item contained in it?

I hope that makes sense ? Otherwise people would not be able to upload items to the server would they :?:
the_norris
Grafter
Posts: 463
Registered: 02-08-2007

File Permissions CHMOD

Hi

I believe if you do a

CHMOD -R 777 DirName

will set the dirname (folder) and all files and sub dirs to 777.

Then everyone can read and write to this area.

Phil
wadeford
Dabbler
Posts: 20
Registered: 03-08-2007

File Permissions CHMOD

Quote
CHMOD -R 777 DirName


The UNIX community acknowledge the difference between upper and lower case letters Wink ,
so the command should probably be:
chmod -R 777 DirName

Quote
The third, sticky bit, you don't need to know about as it is very rarely used and is not required for your purposes.


Not necessarily.... A quote from the Linux "chmod" manpage:

These days, when set for a directory, it means that only the owner of the file and the owner of that directory may remove the file from that directory. (This is commonly used on directories like /tmp that have general write permission.)


Which may be desirable, so run:
chmod -R 777 DirName
chmod +t DirName

Hope this helps...

-Chris
Community Veteran
Posts: 14,469
Registered: 30-07-2007

File Permissions CHMOD

The sticky bit has different uses depending on the varient of Unix you use and it is not used very often.

Originally it was to force a program to remain (stick) in memory and not get swapped out. Recent versions including Linux use it as you describe.

Professional, be very careful when setting full access to files and directories as you could open your system to abuse. Often FTP servers have restrictions on where logged in users can go - i.e. you set the root directory to be a predefined directory where they cannot access anywhere else. So read up on the FTP server or service you have chosen to use to make sure access to other critical directories are not permitted. If you are implementing an anonomous FTP server (i.e. where specific login/password are not used) this is even more important.

For a better description of the 3 special permission settings see the UNIX system admin section of http://www.livefirelabs.com/unix_tip_trick_shell_script/unix_tip_archive.htm
N/A

File Permissions CHMOD

That link is very useful Peter, thank you

I plan to set only one directory with 777 permissions, with no subdirectories below it so hopefully that will reduce the security implications.
wadeford
Dabbler
Posts: 20
Registered: 03-08-2007

File Permissions CHMOD

Quote
I plan to set only one directory with 777 permissions, with no subdirectories below it so hopefully that will reduce the security implications.


You should note that:
1) ftp daemons by default generally allow creation of subdirectories as long as they have filesystem permissions (ie, if you create a directory with 777 perms then users that can upload files, can create subdirectories as well). Most of the more secure ftp daemons allow this to be disabled in the configuration files.

2) ftp daemons by default generally allow deletion of files as long as they have filesystem permissions - i.e. user A can delete user B's uploaded files. This can be stopped by configuration files, or via the directory's sticky bit. (You will probably need to look up the ftp daemons "umask" as well, as this is considered when a file is uploaded)

-Chris
N/A

File Permissions CHMOD

Thanks Chris,

I dont have a problem with the users creating subdirectories within the ftp directory itself. There will only be a small number of trusted users who will access it. Its main purpose is for uploading/dowloading files that are usually too big for email, just to make life a little easier.

I think I have the facility to password protect access to dtp directory but will hvae to look into that a little further. Whilst I want my users to have full access and control over the directory, I want to control WHO has access to it, if that makes sense?