Linux

UNIX® File Access

Consider a system that supports 5,000 users. Suppose you want to allow 4,990 of those users to be able to access one file. How would you specify this protection scheme in UNIX®?

Given an environment that supports 5,000 users is most likely to be an Enterprise or similarly large organization then there are various approaches that can be utilized in order to achieve the stated goal of allowing 4,990 of these users access to one specific file.

However, in order to fully ascertain the best solutions for this scenario it is important to understand the manner in which file access is managed and maintained within the UNIX® environment.

Regardless of the environment in question, the file structure propagates from a single root which is denoted by the character ‘/’ and then files & folders are structured downwards/outwards in a traditional tree structure. Regardless of the ultimate location of a file, it will still fall within the Access Control parameters of the UNIX® file system where each file has certain access control attributes in the form of ten flags which can be viewed using the ls command. If a sample file attribute is examined then the ten Access Control flags are clearly visible.

drwxr-xr-x 4 root root 4096 Feb 2 2007 alchemist

These ten flags each identify certain characteristics with the following designations

Position 1: Denotes the file type: d = directory

- = ordinary file

l = symbolic link

Position 2-4: Denotes the owner permissions: r = read

w = write

x = execute

Position 5-7: Denotes permissions for other users in same group

Position 8-10: Denotes permissions for all other users

For positions 2-10, the hyphen ‘-‘ denotes a lack of the specified permission. In order to amend specific permissions the chmod command can be used to add or remove permissions for users and groups.

In addition to this method there are several...