Novell SuSE Linux Professional 9.2 Upgrade [Strong Encryption 128 Bit] 00662644457260 ユーザーズマニュアル
製品コード
00662644457260
21
W
or
king
king
with
the
Shell
21.2
Users and Access Permissions
Since its inception in the early 1990s, Linux has been developed as a multiuser
system. Any number of users can work on it simultaneously. Users need to log
in to the system before starting a session at their workstations. Each user has a
user name with a corresponding password. This differentiation of users guar-
antees that unauthorized users cannot see files for which they do not have per-
mission. Larger changes to the system, such as installing new programs, are also
usually impossible or restricted for normal users. Only the
system. Any number of users can work on it simultaneously. Users need to log
in to the system before starting a session at their workstations. Each user has a
user name with a corresponding password. This differentiation of users guar-
antees that unauthorized users cannot see files for which they do not have per-
mission. Larger changes to the system, such as installing new programs, are also
usually impossible or restricted for normal users. Only the
root user, or super
user, has the unrestricted capacity to make changes to the system and has unlim-
ited access to all files. Those who use this concept wisely, only logging in with full
ited access to all files. Those who use this concept wisely, only logging in with full
root
access when necessary, can cut back the risk of unintentional loss of data.
Because under normal circumstances only root can delete system files or format
hard disks, the threat from the Trojan horse effect or from accidentally entering de-
structive commands can be significantly reduced.
hard disks, the threat from the Trojan horse effect or from accidentally entering de-
structive commands can be significantly reduced.
21.2.1
File System Permissions
Basically, every file in a Linux file system belongs to a user and a group. Both of
these proprietary groups and all others can be authorized to write, read, or exe-
cute these files.
A group, in this case, can be defined as a set of connected users with certain col-
lective rights. For example, call a group working on a certain project
these proprietary groups and all others can be authorized to write, read, or exe-
cute these files.
A group, in this case, can be defined as a set of connected users with certain col-
lective rights. For example, call a group working on a certain project
project3
.
Every user in a Linux system is a member of at least one proprietary group, nor-
mally
mally
users
. There can be as many groups in a system as needed, but only
root
is able to add groups. Every user can find out, with the command
groups
, of
which groups he is a member.
File Access
The organization of permissions in the file system differs for files
and directories. File permission information can be displayed with the com-
mand
mand
ls -l
. The output could appear as in Output 21.1.
Example 21.1: Sample Output Showing File Permissions
-rw-r----- 1 tux project3 14197 Jun 21
15:03 Roadmap
As shown in the third column, this file belongs to user
tux
. It is assigned to
the group
project3
. To discover the user permissions of the
Roadmap
file,
the first column must be examined more closely.
265
SUSE LINUX