9 – Permissions
Operating systems in the Unix tradition differ from those in the MS-DOS tradition in that
they are not only multitasking systems, but also multiuser systems.
What exactly does this mean? It means that more than one person can be using the
computer at the same time. While a typical computer will likely have only one keyboard and
monitor, it can still be used by more than one user. For example, if a computer is attached
to a network or the Internet, remote users can log in via ssh (secure shell) and operate
the computer. In fact, remote users can execute graphical applications and have the
graphical output appear on a remote display. The X Window System supports this as part
of its basic design.
The multiuser capability of Linux is not a recent "innovation," but rather a feature that is
deeply embedded into the design of the operating system. Considering the environment in
which Unix was created, this makes perfect sense. Years ago, before computers were
"personal," they were large, expensive, and centralized. A typical university computer
system, for example, consisted of a large central computer located in one building and
terminals which were located throughout the campus, each connected to the large central
computer. The computer would support many users at the same time.
In order to make this practical, a method had to be devised to protect the users from each
other. After all, the actions of one user could not be allowed to crash the computer, nor
could one user interfere with the files belonging to another user.
In this chapter we are going to look at this essential part of system security and introduce
the following commands:
id – Display user identity
chmod – Change a file's mode
umask – Set the default file permissions
su – Run a shell as another user
sudo – Execute a command as another user
chown – Change a file's owner