File Security in Unix

Fall 2006


Motivation

For the labs in this class, you may choose to use the Unix environment. The Unix environment allows each user to control who has access to the information in the user's home directory. For the purpose of preventing cheating, it is your responsibility to prevent your work from being accessed by the general public. This document provides directions to keep your work for each lab assignment private by setting the permissions of your files in Unix.

Listing the Permissions

From a Unix shell, issue the command ls -l as follows:
        remote.ece.utexas.edu% ls -l
        -rwxr--r--   1 dna      students       12 Sep  6 13:35 ExampleFile
        remote.ece.utexas.edu%
The ls command displays a listing of the files in the current working directory. The -l flag tells ls to provide a "long listing," which includes the permissions associated with the file. The permissions show up on the left and in this case they are: rwxr--r--. The leading - has been left out since it refers to the type of file and not the file's permissions (-=ordinary file, d=directory, l=link).

An r indicates read permissions, a w write permissions, an x execute permissions and a - indicates that the permission isn't granted. The permissions are broken into three sets of three: moving from right to left, the first set: rwx are the read, write and execute for the user; the second set: r--, are the read, write and execute permissions for the group; and finally, the third set: r--, are the read, write and execute permissions for the public. For this set of permissions rwxr--r--, the user has read, write and execute permissions, but the group and the public have only read permissions.

Changing a File's Permissions

You should set your files' permissions such that only you, the user, has read, write and execute permissions on your file. Use the following series of commands including the chmod command (change permissions mode) to change your files' permissions appropriately.
        remote.ece.utexas.edu% ls -l
        -rw-r--r--   2 dna      students       12 Sep  6 13:35 assemble.c
        remote.ece.utexas.edu% chmod 600 assemble.c
        remote.ece.utexas.edu% ls -l
        -rw-------   2 dna      students       12 Sep  6 13:35 assemble.c
        remote.ece.utexas.edu%
The 600 is an octal representation for these permissions: rw-------. It's left as an exercise for the reader to explain this octal encoding.

For further explanation see the man pages for ls and chmod or contact a TA.