Contents:
Introduction to File Ownership and Security 
Tutorial on File and Directory Permissions 
Who Will Own a New File? 
Setting an Exact umask 
Group Permissions in a Directory with the setgid Bit 
Protecting Files with the Sticky Bit 
Using chmod to Change File Permission 
The Handy chmod = Operator 
Protect Important Files: Make Them Unwritable 
cx, cw, c-w: Quick File Permission Changes 
A Loophole: Modifying Files Without Write Access
A Directory that People Can Access but Can't List 
Groups and Group Ownership 
Add Users to a Group to Deny Permission 
Juggling Permissions 
Copying Permissions with cpmod 
Ways of Improving the Security of crypt 
Clear Your Terminal for Security, to Stop Burn-in 
Shell Scripts Must be Readable and (Usually) Executable
Why Can't You Change File Ownership Under BSD UNIX?
How to Change File Ownership Without chown
The su Command Isn't Just for the Superuser 
Because UNIX is a multiuser system, you need some way of protecting users from one another: you don't want other users to look at the wrong files and find out compromising information about you, or raise their salaries, or something equivalently antisocial. Even if you're on a single-user system, file ownership still has value: it can often protect you from making mistakes, like deleting important executables.
In this chapter, we'll describe how file ownership works: who owns files, how to change ownership, how to specify which kinds of file access are allowed, and so on. We'll also discuss some other ways to prevent people from "prying," like encryption and clearing your screen.
In my opinion, most security breaches arise from mistakes that could easily have been avoided: someone discovers that anyone can read the boss's email, including the messages to his bookie. Once you've read this chapter, you'll understand how to avoid the common mistakes and protect yourself from most intruders.
-
|   |   |   | 
| 21.14 Automatically Appending the Date to a Filename |   | 22.2 Tutorial on File and Directory Permissions | 
