Talk:File system permissions
|WikiProject Computer Security / Computing|
- 1 Origins
- 2 Mac OS X and Unix permissions
- 3 Read-while-write
- 4 non-standard permission flags
- 5 Hmm?
- 6 adding links to lsattr and chattr
- 7 INACCURACY: OS X leopard server has ACL's enabled by default
- 8 What's mentioned here about VMS permissions is wrong
- 9 Why is the differences section first?
- 10 Why it this so Unix-centric?
- 11 Why the complicated explanation of octal permissions?
- 12 Merge with share permissions (or not)
- 13 Packed permission bits?
- 14 It's "Mode" not "Permissions"
- 15 Standard permissions
- 16 + and . suffixes to the file permissions
- 17 Article title - filesystem as one word
- 18 Requested move
Did file system permissions realy originate with Unix? Does there exist more background history somewhere?
A reader suggested the move of the initial permissions page to file system permissions. I aggread with that and added some more text in the document.
The section on Octal notation is incomplete. The first digit of a four-digit octal permission set denotes something. It might be the file type or the additional permissions. I'm not sure which, and I don't know what values would be acceptable.
Much of this terminology is conjectural. Any clarification or modification thereof would be appreciated.--Kbolino 00:21, 30 Jan 2005 (UTC)
The octal notation section is complete (note: 'Octal Notation and additional permissions' section). The first digit on a 4-digit octal permission is the suid/sgid/sticky bits. The section is worded in a dry manner. This could be cleaned up. I know that file system permissions didn't originate on Unix. Multics had file permissions as well.
There is a noticeable lack of the last octal group for suid, guid and sticky.
Mac OS X and Unix permissions
I'm pretty sure Mac OS X does use traditional Unix-style premissions. The core of the operating system (Darwin) is Unix-based and exhibits all the characteristics of a typical Unix system. When I repair my disk permissions, they are set to Unix style permissions. Theshibboleth 20:57, 8 November 2006 (UTC)
Read-while-write redirects here, but there is no deeper discussion on this topic. I also hear this phrase in other context than FS permissions, such as EEPROM and flash memory. So what does it mean? --Abdull 16:04, 7 March 2007 (UTC)
non-standard permission flags
I remember vaguely that I've seen some more exotic, non-standard permission flags as output of 'ls'. I beleave it was an
a... Do or did such permission bits exist or am I deceived? --126.96.36.199 13:49, 12 March 2007 (UTC) (de:Benutzer:RokerHRO)
"Differences between operating systems"
Shouldn't that be "Differences between file systems"? — Omegatron 20:54, 17 November 2007 (UTC)
- Usually the OS sets the file system permission model. if a filesystem doesn't fit with the model of the OS (e.g. when NTFS is implemented on a unix linke system) then the implementation usually ends up without usable permission support at all. Plugwash (talk) 02:04, 18 November 2007 (UTC)
INACCURACY: OS X leopard server has ACL's enabled by default
I just read in a mac support forum on apples site that OS X leopard server has ACL's enabled by default. This is contrary to the first paragraph's assertion that "all versions of OS X use POSIX permissions" and "no OS implements ACL's"
I don't know enough to research this further, and I'm afraid I don't know where on the forum I saw this... sorry.
What's mentioned here about VMS permissions is wrong
VMS has 4 categories (system, owner, group, world) and 4 "permissions" (read, write, execute, and delete) in addition to ACLs. I'll fix this later when I have more time. --betaneptune —Preceding unsigned comment added by 188.8.131.52 (talk) 17:21, 5 June 2009 (UTC)
Why is the differences section first?
Why it this so Unix-centric?
Why the complicated explanation of octal permissions?
Just put a '1' under each letter and a '0' under each dash.
This gives 111 for user, 101 for group, and 001 for other. In binary these immediately translate to 7, 5, and 1. So the octal code for this example is simply 751. Why all the extensive explanation of adding 4 and 2 and 1 and 100 and 010 and 001 and such? It's really very simple.
share permissions is the windows centric version of this which is the Unix angled one. I think there could be a generic article, and also specific ones for major operating systems. The names for these articles could be the terms used in those operating systems. Graeme Bartlett (talk) 07:09, 31 December 2009 (UTC)
Packed permission bits?
I came to this page looking for verification of packed permission bit format, which as I understand it is a space optimization allowing two rather than three bits for storing each permission -- entirely abstracted away by implementations.
The way the optimzation works is, since go, uo, ug, and ugo permissions can be represented by (respectively) o, o, g and o permissions, those four are not needed and the four remaining possibilities for each of r,w,x can be packed into two bits instead of three.
http://www.cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping describes a problem in attempting to map a posix permission of rw-r-xrw- into Windows Access Control Entities. I'm not certain that this problem is real, as it isn't clear that granting write to o but not g is possible. It would not be possible with a packed representation. 184.108.40.206 (talk) 17:59, 3 June 2010 (UTC)
It's "Mode" not "Permissions"
Unix, Linux and BSD files have "file mode bits" that collectively are referred to as a file's mode. See the man page for the command used to modify them: chmod.
Extended attributes are referred to as "attributes". See the man page for lsattr.
Standard permissions I believe refers to read, write and execute for the three groups user, their group and everybody. Where as ACL's over ride standard permissions and often we need some sort of ACL inspector to determine the "effective permissions". These general characterizations help me better understand different file systems. — Preceding unsigned comment added by 220.127.116.11 (talk) 09:58, 3 October 2012 (UTC)
+ and . suffixes to the file permissions
The + suffix indicating an ACL is present is a significant security hole if not understood by users, and it's poorly documented and not widely known, so I've added links as clearly and concisely as possible to the bottom of standard permissions. Andy Henson. 18.104.22.168 (talk) 10:04, 13 December 2012 (UTC)