Notes on File protections
set via the "chmod" command.
see "man chmod"
user group other
[ ][ ][ ] [ ][ ][ ] [ ][ ][ ]
r - read
w - write
x - execute
nice symmetry, but some combinations useless/redundant
2^9 possible combinations
might differentiate between group (e.g. rw) and other
if not (group and other treated the same), 2^6 combinations
user bits
note if turned off, user has power to turn them on any time,
so these can only be for some kind of temporary self-check:
[r][w][-] don't execute by accident
(because if x is set, UNIX will try to execute
the file, treating it as a shell script)
e.g. text files, web pages
e.g. I sometimes execute nonsense commands by accident
when cutting-and-pasting at command-line
[r][-][x] write-protect for safety
(like floppy diskette - annoying?)
a binary I got from someone else
and can't replace if I lose it
[-][ ][ ] would you ever turn r off? why?
r for binaries pointless (they can still be executed):
stops them getting opened in a text editor by accident *
grep of a binary file is not a good idea - Why?
long-term backup - hide files or dirs
from all progs so not included in ls, searches
but still know they're there if needed,
turn bit back on some day
[-][-][-] ftp drop-box - lets you drop a file in as guest,
then protects it from future guests
[r][w][x] normal
group/other
if we always go for rwx for user,
only 2^3 combinations remain for group/other
rule this out:
[-][w][ ] if you can write, why can't you read?
can only append to file?
multiple people's log files?
(but can also rewrite it - can't enforce append)
[r][ ][-] if you can read it,
execute-protect is meaningless
since you can copy it and then execute it
only there for -convenience-
(so not executed accidentally)
rather than -security-
Actually, not quite. It turns out
there IS a difference between r-- and r-x
when it comes to Server Side Include
web files.
and remaining combinations are:
[r][w][x] total access, e.g. shared group files
[r][-][x] (1) normal, shared executable
[-][-][x] binary executable where
you don't want people to read or make copies?
e.g. CGI binary for added security (people can't hack it)
e.g. shared binary where
you have a licence for only 1 copy, and want to
stop people making copies of it
[-][-][x] WON'T work with text (Shell) scripts
because it needs to read first line
to figure out how to execute it.
text/shell script needs [r][-][x]
[-][-][x] WILL work with binary executables
because file entry in directory contains info
that it is binary.
binary or text? - detecting file type using "file" and "magic":
If the file is readable,
UNIX can figure out what type it is by looking at first few bytes
and comparing to a list in:
/etc/magic
See "man magic".
Display whether things are binary or text:
file *
See "man file".
The file needs to be readable.
Strangely enough,
a binary needs to be readable for "file"
but does not have to be readable
to be recognised as a binary and executed
(this holds both on the command-line and on CGI).
[-][-][x] binary executables will still run.
So UNIX must have a more fundamental way of detecting type
than that used by "file" and "magic".
[-][-][-] (2) normal
e.g. web files:
[r][-][-]
[r][-][x] (1) (see Server Side Includes)
in practice tend to use just:
normal (1)
hide (2)
ABSOLUTE minimum needed for:
Web pages
(HTTP requests come in as "other" not "group"):
-rwx---r--
(Technically, I suppose,
the minimal protection is -------r-- )
CGI text scripts:
-rwx---r-x
CGI binaries:
-rwx-----x
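Added example (not part of the original notes): a bash script that tries out the points above on files it builds itself - a text (shell) script and a copied binary (it assumes /bin/true or /usr/bin/true exists) run under several user-bit settings, including [-][-][x]; "file" on the binary while readable and while not; and a helper that turns the "-rwx---r--" style strings from the ABSOLUTE minimum section into the octal digits chmod takes. The directory name permdemo and the function names are my own.

```bash
#!/bin/bash
# Added example, not from the original notes. Exercises the chmod
# combinations discussed in the notes on constructed files.

# mode_to_octal: turn a 10-character ls-style mode string (type char
# followed by user/group/other rwx triples) into three octal digits,
# e.g. "-rwx---r--" -> "704".
mode_to_octal() {
    local s=$1 bits=${1:1} out="" i=0 triple v
    [ ${#s} -eq 10 ] || { echo "bad mode string: $s" >&2; return 1; }
    while [ "$i" -lt 9 ]; do
        triple=${bits:$i:3}
        v=0
        [ "${triple:0:1}" = r ] && v=$((v + 4))
        [ "${triple:1:1}" = w ] && v=$((v + 2))
        [ "${triple:2:1}" = x ] && v=$((v + 1))
        out="$out$v"
        i=$((i + 3))
    done
    echo "$out"
}

# make_fixture DIR: create a text (shell) script and a binary in DIR.
# The binary is a copy of true(1); assumed to live in /bin or /usr/bin.
make_fixture() {
    local d=$1 bin
    printf '#!/bin/sh\nexit 0\n' > "$d/script.sh"
    for bin in /bin/true /usr/bin/true; do
        [ -f "$bin" ] && break
    done
    cp "$bin" "$d/bin"
}

# exec_under_mode FILE OCTAL: chmod FILE to OCTAL, try to run it, and
# print "ran" or "refused". An ordinary user sees the behaviour the
# notes describe (a --x script is refused because /bin/sh cannot read
# it, a --x binary runs). root can read anything, so for root the
# --x script runs too; modes with no x bit are refused even for root.
exec_under_mode() {
    chmod "$2" "$1"
    if "$1" >/dev/null 2>&1; then echo ran; else echo refused; fi
}

# file_says FILE OCTAL: what file(1) reports under that mode
# (skipped if file(1) is not installed).
file_says() {
    command -v file >/dev/null 2>&1 || { echo "file(1) not installed"; return 0; }
    chmod "$2" "$1"
    file -b "$1"
}

demo() {
    local d f m
    # work in the current directory first: /tmp is sometimes mounted noexec
    d=$(mktemp -d ./permdemo.XXXXXX 2>/dev/null || mktemp -d)
    make_fixture "$d"
    echo "uid $(id -u): execution attempts, script vs binary"
    for m in 700 500 600 100 000; do
        printf '  %s  script.sh:%-8s bin:%s\n' "$m" \
            "$(exec_under_mode "$d/script.sh" "$m")" \
            "$(exec_under_mode "$d/bin" "$m")"
    done
    echo "file(1) on the binary, readable then not:"
    echo "  700: $(file_says "$d/bin" 700)"
    echo "  100: $(file_says "$d/bin" 100)"
    echo "octal for the minimum web modes in the notes:"
    for f in -rwx---r-- -rwx---r-x -rwx-----x; do
        echo "  $f -> $(mode_to_octal "$f")"
    done
    chmod -R u+rwx "$d" && rm -rf "$d"
}

demo
```

Run it as an ordinary user to see the script/binary split in the 100 row; as root the script row reads "ran" as well, because root is not subject to the read check the interpreter hits.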