Secure a Linux Box through the Right File Permissions
Linux plays a dominant role in server management, worldwide, due to its powerful kernel, based on which a wide range of operating system flavours are available— Red Hat, OpenSUSE, CentOS and Ubuntu are a few of the popular ones. The high level of reliability, safety, security and flexibility provided by Linux has also made it popular among desktop users and mobile phone users ( Android is built on Linux).
In an earlier article that I wrote for the December 2014 issue of OSFY, I argued that the security of Linux based OSs is in the hands of systems administrators. The topics of users and group management were discussed in detail. Further to adding and managing users, permission management is a necessary skill. Well controlled permissions and privileges implemented by a good administrator make a Linux box more secure; otherwise, it can remain vulnerable to numerous attacks and digital theft. So awareness of various security features provided by Linux and their implementation is necessary. In this article, I have focussed on permissions, their management and their effects, so that readers can secure their Linux machines better. primarily four kinds of permissions affect our interaction with computing machines: read, write, execute and No permission.
Read (r) allows a user to view the contents of a file, write (w) allows a user to modify or delete the contents, execute (x) allows a user to run a file such that the computer provides the relevant output after running the code provided, and No permission (-) restricts user access for a specified operation.
Permissions can be implemented on both files and directories. In the case of files, read allows the viewing of the contents, write allows the modification or deletion of the contents and execute allows the running of commands written within the file - this is in the case of shell scripts and other scripts. In case of directories, read allows the listing of the contents, write allows the creation or deletion of files and directories within a directory, and execute allows the opening of a directory. Without execute permissions, a directory cannot be read.
To view the permissions of particular contents, execute the following command in any directory: