Notes on File protections

"ls -l" shows something like:

-rwxr-xr-- 1 userid  groupid  153 Nov  6 2008 filename

-	file (d for directory, l for link/shortcut)
rwx	User (u) can read,write,execute.
r-x	Other members of group (g) can read,execute only.
r--	Other people (o) can read only.

  
set via the "chmod" command.
see "man chmod"


    user      group      other
 [ ][ ][ ]  [ ][ ][ ]  [ ][ ][ ]

r - read
w - write
x - execute

e.g. user can do everything, group/others can do nothing:
- chmod u+rwx,go-rwx file
result:
- -rwx------ 1 userid groupid 153 Nov 6 2008 filename
There is also a number that corresponds to each permission setting:
- chmod converter (and search for more)
Default permissions for new files: umask

user bits

Note if turned off, user has power to turn them on any time.
So these can only be for some kind of temporary self-check.

[r][w][-] Don't execute by accident.
Because UNIX will try to execute any text file as shell script if name is typed.
e.g. text files, web pages

[r][-][x] write-protect for safety
annoying?

[r][-][-] both of above

[r][w][x] normal

group/other bits

`[r][w][x] [r][w][-]`	Shared writable file
`[r][-][x] [r][-][-]`	Shared read-only file
`[-][-][-]`	Normal - Hidden from others

Absolute minimum needed for:

Web pages (HTTP requests come in as "other"):

 -rwx---r--

CGI text scripts:

 -rwx---r-x

CGI binaries only need execute:

 -rwx-----x

(Normal binaries also only need execute.)

`[r][w][-]`	Don't execute by accident. Because UNIX will try to execute any text file as shell script if name is typed. e.g. text files, web pages
`[r][-][x]`	write-protect for safety annoying?
`[r][-][-]`	both of above
`[r][w][x]`	normal