Linux Users and Permissions
Linux Users and Permissions
User and permission management is one of the most important security features in Linux. Linux was designed as a multi-user operating system, meaning multiple users can work on the same system while maintaining security and privacy.
In cybersecurity, understanding Linux permissions helps protect systems from unauthorized access, privilege abuse, and data modification.
1. Understanding Users and Groups
A user is an account that allows a person or service to log into a Linux system and perform tasks.
A group is a collection of users that share common permissions.
Types of Users in Linux
1. Root User
- The system administrator
- Has full control over the entire system
2. Regular Users
- Normal accounts used for everyday tasks
- Limited permissions
3. System Users
- Accounts created for running services and applications
Example users might include:
| Username | Purpose |
|---|---|
| root | System administrator |
| student | Normal user |
| www-data | Web server user |
Viewing Users on the System
User information is stored in:
/etc/passwd
View the file:
cat /etc/passwd
Each line represents a user account.
Viewing Groups
Group information is stored in:
/etc/group
View groups:
cat /etc/group
Groups help administrators manage permissions efficiently.
2. File Ownership
Every file and directory in Linux has two owners:
- User owner
- Group owner
Example output from the ls -l command:
ls -l
Example result:
-rw-r--r-- 1 student student 1200 Jan 10 report.txt
Explanation:
| Field | Meaning |
|---|---|
| -rw-r–r– | File permissions |
| student | File owner |
| student | Group owner |
| report.txt | File name |
This means the file belongs to:
- User: student
- Group: student
Ownership helps control who can access or modify files.
3. Permission Types (Read, Write, Execute)
Linux permissions are divided into three categories:
| Permission | Symbol | Meaning |
|---|---|---|
| Read | r | View file contents |
| Write | w | Modify file |
| Execute | x | Run the file as a program |
Permissions apply to three user classes:
| Class | Meaning |
|---|---|
| User (u) | File owner |
| Group (g) | Users in the group |
| Others (o) | Everyone else |
Example Permission Display
-rwxr-xr--
Breakdown:
| Section | Meaning |
|---|---|
| rwx | Owner permissions |
| r-x | Group permissions |
| r– | Others permissions |
Meaning:
- Owner can read, write, execute
- Group can read and execute
- Others can read only
4. Changing Permissions with chmod
The chmod command changes file permissions.
Syntax:
chmod [permissions] filename
Symbolic Method
Add permission:
chmod u+x script.sh
This gives the owner execute permission.
Remove permission:
chmod g-w file.txt
Removes write permission from the group.
Examples:
| Command | Meaning |
|---|---|
chmod o-r file.txt |
Remove read access for others |
chmod u+w file.txt |
Give owner write permission |
chmod g+x script.sh |
Allow group to execute |
Numeric Method
Permissions can also be represented using numbers.
| Permission | Value |
|---|---|
| Read | 4 |
| Write | 2 |
| Execute | 1 |
Add the values to set permissions.
Example:
chmod 755 script.sh
Explanation:
| Number | Meaning |
|---|---|
| 7 | rwx |
| 5 | r-x |
| 5 | r-x |
So the permissions become:
rwxr-xr-x
Another example:
chmod 644 file.txt
Result:
rw-r--r--
5. Changing Ownership with chown
The chown command changes file ownership.
Syntax:
chown user filename
Example:
sudo chown student report.txt
This changes the owner of report.txt to student.
Changing Both User and Group
sudo chown student:developers project.txt
This sets:
- Owner = student
- Group = developers
Changing Ownership of a Directory
sudo chown -R student folder1
The -R option means recursive, applying the change to all files inside the directory.
6. Understanding the Root User
The root user is the most powerful account in Linux.
Root has the ability to:
- Install software
- Modify system files
- Create and delete users
- Control system services
- Access all files
Because of this power, root access must be used carefully.
To switch to root:
su
Or:
sudo -i
7. Understanding sudo Privileges
The sudo command allows a regular user to execute commands with administrative privileges.
sudo stands for:
Super User DO
Example:
sudo apt update
This runs the command with administrator privileges.
Benefits of sudo:
- Improves security
- Prevents accidental system damage
- Tracks administrative actions
The file that controls sudo permissions is:
/etc/sudoers
Cybersecurity Importance of Permissions
Proper permission management helps:
- Prevent unauthorized access
- Protect sensitive files
- Limit privilege escalation attacks
- Control system administration access
Many cyber attacks attempt to exploit misconfigured permissions.
Security professionals often audit permissions to detect vulnerabilities.
Module Summary
In this module, students learned:
- The concept of Linux users and groups
- How file ownership works
- The meaning of read, write, and execute permissions
- How to modify permissions using chmod
- How to change file ownership using chown
- The role of the root user and sudo privileges
These concepts form the core of Linux security and access control.