Permissions
Permission Management
In Linux, permissions are like keys that control access to files and directories. These permissions are assigned to users and groups, much like keys being handed out to specific individuals and teams within an organization. Each user can belong to multiple groups, and membership in a group grants the additional access rights defined for that group. Every file and directory has an owner (a user) and is associated with a group. Permissions are defined separately for the owner, the group, and everyone else, determining which actions (reading, writing, or executing) are allowed. When you create a new file or directory, it automatically becomes “yours” and is associated with your primary group.
Directory Execute Permission (Traverse)
To traverse (enter) a directory, a user needs execute (x) permission on that directory. With read permission but no execute permission, the user can still list the entry names, but every attempt to inspect, open, or enter an entry fails with “Permission denied”, which is why the ls -al output below shows ? in place of the metadata. Execute permission on a directory only allows traversal; it does not grant read or write permission on the files inside the directory. To execute a file inside, the file itself must have execute permission. To create, delete, or rename items inside a directory, the directory needs write permission.
$ ls -l
drw-rw-r-- 3 cry0l1t3 cry0l1t3 4096 Jan 12 12:30 scripts
$ ls -al mydirectory/
ls: cannot access 'mydirectory/script.sh': Permission denied
ls: cannot access 'mydirectory/..': Permission denied
ls: cannot access 'mydirectory/subdirectory': Permission denied
ls: cannot access 'mydirectory/.': Permission denied
total 0
d????????? ? ? ? ? ? .
d????????? ? ? ? ? ? ..
-????????? ? ? ? ? ? script.sh
d????????? ? ? ? ? ? subdirectory
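The check behind that output, as an added Python example that is not part of the original page: the kernel consults exactly one permission triplet (owner, group, or others) and the read and execute bits of a directory control different operations, so a readable but non-executable directory yields names without metadata. The uid/gid values are constructed, root handling is simplified, and ACLs and capabilities are ignored.

```python
import os
import stat

# Added example (not from the original page): model the Linux DAC check for a
# directory from its stat fields, to show why `ls -al` can print the entry names
# yet "?" for every other field when the directory is readable but not executable.
# uid/gid values used here are constructed; ACLs and capabilities are ignored.

CLASS_BITS = {
    "owner":  (stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR),
    "group":  (stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP),
    "others": (stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH),
}

def permission_class(st_uid, st_gid, uid, groups):
    """Pick the one triplet the kernel consults: owner if the uid matches,
    else group if the file's gid is among the user's groups, else others."""
    if uid == st_uid:
        return "owner"
    if st_gid in groups:
        return "group"
    return "others"

def directory_access(mode, st_uid, st_gid, uid, groups):
    """Return what the user may do with a directory that has these stat fields.

    list_names: read bit        -> ls can read the entry names
    traverse:   execute bit     -> cd into it, stat/open entries by name
    modify:     write + execute -> create, delete or rename entries
    Root (uid 0) passes all three DAC checks on directories (simplified).
    """
    cls = permission_class(st_uid, st_gid, uid, groups)
    if uid == 0:
        r = w = x = True
    else:
        r, w, x = (bool(mode & bit) for bit in CLASS_BITS[cls])
    return {"class": cls, "list_names": r, "traverse": x, "modify": w and x}

def predict_ls_al(mode, st_uid, st_gid, uid, groups):
    """Describe the outcome of `ls -al <dir>` for this user."""
    a = directory_access(mode, st_uid, st_gid, uid, groups)
    if not a["list_names"]:
        return "denied: cannot read the directory at all"
    if not a["traverse"]:
        return "names only: entries are listed but every field shows '?'"
    return "full listing"

def predict_ls_al_path(path):
    """Run the same check against a real directory for the current user."""
    st = os.lstat(path)
    return predict_ls_al(st.st_mode, st.st_uid, st.st_gid,
                         os.getuid(), set(os.getgroups()))

if __name__ == "__main__":
    # Constructed scenario matching the listing above: drw-rw-r-- owned by uid/gid 1000.
    scripts = stat.S_IFDIR | 0o664
    print(predict_ls_al(scripts, 1000, 1000, 1000, {1000}))
    # The same directory after `chmod u+x`: traversal now works.
    print(predict_ls_al(scripts | stat.S_IXUSR, 1000, 1000, 1000, {1000}))
```

The owner of the drw-rw-r-- directory falls into the "owner" class and gets read and write but not execute, so the listing succeeds while every per-entry lookup fails; a directory with mode 751 gives an unrelated user the opposite result (it can be entered by exact name but not listed).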
Permission Bits and Octal Values
The permission system is based on three bits: read (r), write (w), and execute (x).
Permissions are set for three classes: owner, group, and others. The numeric (octal) values are r=4, w=2, x=1, so rwx is 7.
$ ls -l /etc/passwd
-rwxrw-r-- 1 root root 1641 May 4 23:42 /etc/passwd
The first character indicates the file type (- file, d directory, l link). The next three characters are owner permissions, then group, then others.
Example: 754 maps to rwxr-xr--.
Change Permissions
Use chmod with symbolic or octal notation:
$ chmod a+r shell
$ chmod 754 shell
Symbolic references: u (owner), g (group), o (others), a (all). Use + to add permissions or - to remove them.
Change Owner and Group
Use chown to change ownership:
$ chown <user>:<group> <file-or-directory>
$ chown root:root shell
SUID and SGID
SUID and SGID allow a program to run with the privileges of the file owner or the file's group rather than those of the user who launched it. They appear as s in the execute position of the owner and group triplets (lowercase s when the execute bit is also set, uppercase S when it is not).
These bits are useful for system tasks but can introduce security risks if applied to programs with unexpected capabilities. Refer to GTFOBins when reviewing binaries for risky SUID/SGID usage.
Sticky Bit
The sticky bit on a directory restricts deletion or renaming of files to the file owner, the directory owner, or root.
Lowercase t means the execute bit for others is also set; uppercase T means it is not.
$ ls -l
drw-rw-r-t 3 cry0l1t3 cry0l1t3 4096 Jan 12 12:30 scripts
drw-rw-r-T 3 cry0l1t3 cry0l1t3 4096 Jan 12 12:32 reports
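The notation rules from the Permission Bits, Change Permissions, SUID/SGID and Sticky Bit sections, worked through as an added Python example (not code from the original page): converting octal modes to the symbolic string ls prints and back, including how s/S and t/T replace the execute slot, applying chmod-style specs such as a+r or u=rwx,g=rx,o=r, and an audit helper that lists entries carrying special bits. apply_chmod is a simplified model of GNU chmod semantics (umask is not applied); the audit function and its default path of /usr/bin are assumptions of this example, not something the page specifies.

```python
import os
import re
import stat

# Added example (not code from the original page): octal <-> symbolic mode
# conversion including SUID/SGID/sticky, a simplified chmod-spec engine (umask
# not applied) and a read-only audit of special bits under a directory tree.

TRIPLETS = ((6, stat.S_ISUID, "s"), (3, stat.S_ISGID, "s"), (0, stat.S_ISVTX, "t"))
CLASS_MASK = {"u": stat.S_IRWXU | stat.S_ISUID,   # '=' on a class also clears its special bit
              "g": stat.S_IRWXG | stat.S_ISGID,
              "o": stat.S_IRWXO | stat.S_ISVTX}
CLASS_SHIFT = {"u": 6, "g": 3, "o": 0}

def to_symbolic(mode):
    """Render mode bits as ls does: 0o754 -> 'rwxr-xr--', 0o4755 -> 'rwsr-xr-x'.
    A special bit takes the x slot of its class: lowercase s/t when execute is
    also set, uppercase S/T when the special bit is set but x is missing."""
    out = []
    for shift, special, flag in TRIPLETS:
        bits = (mode >> shift) & 0o7
        x_set = bool(bits & 1)
        if mode & special:
            x = flag if x_set else flag.upper()
        else:
            x = "x" if x_set else "-"
        out.append(("r" if bits & 4 else "-") + ("w" if bits & 2 else "-") + x)
    return "".join(out)

def from_symbolic(text):
    """Inverse of to_symbolic: 'rwxr-sr-T' -> 0o3754 (SGID + sticky + 754)."""
    if len(text) != 9:
        raise ValueError("expected 9 permission characters, e.g. rwxr-xr--")
    mode = 0
    for i, (shift, special, _) in enumerate(TRIPLETS):
        r, w, x = text[3 * i:3 * i + 3]
        mode |= ((4 if r == "r" else 0) | (2 if w == "w" else 0) | (1 if x in "xst" else 0)) << shift
        if x in "sStT":
            mode |= special
    return mode

def apply_chmod(mode, spec):
    """Apply a chmod argument to permission bits and return the new bits.
    Accepts octal ('754', '4755') or comma-separated symbolic clauses such as
    'a+r', 'u=rwx,g=rx,o=r', 'g-w', 'u+s', '+t'. '=' clears the class first,
    so 'u=rwx' on a SUID file also drops SUID, as GNU chmod does."""
    mode = stat.S_IMODE(mode)                     # drop file-type bits from st_mode
    if re.fullmatch(r"[0-7]{3,4}", spec):
        return int(spec, 8)
    for clause in spec.split(","):
        m = re.fullmatch(r"([ugoa]*)([+=-])([rwxst]*)", clause)
        if not m:
            raise ValueError(f"bad chmod clause: {clause!r}")
        who, op, perms = m.groups()
        classes = "ugo" if (not who or "a" in who) else who
        value = affected = 0
        for c in classes:
            affected |= CLASS_MASK[c]
            value |= ((4 if "r" in perms else 0) | (2 if "w" in perms else 0)
                      | (1 if "x" in perms else 0)) << CLASS_SHIFT[c]
            if "s" in perms and c in "ug":        # s only has meaning for owner/group
                value |= stat.S_ISUID if c == "u" else stat.S_ISGID
            if "t" in perms:                      # sticky bit is not tied to a class
                value |= stat.S_ISVTX
        if op == "+":
            mode |= value
        elif op == "-":
            mode &= ~value
        else:
            mode = (mode & ~affected) | value
    return mode

def special_bits(mode):
    """List the special bits set, flagging ones whose class lacks x (shown as S/T)."""
    sym, notes = to_symbolic(mode), []
    if mode & stat.S_ISUID:
        notes.append("SUID" + (" (no owner x: ineffective)" if sym[2] == "S" else ""))
    if mode & stat.S_ISGID:
        notes.append("SGID" + (" (no group x)" if sym[5] == "S" else ""))
    if mode & stat.S_ISVTX:
        notes.append("sticky" + (" (no others x)" if sym[8] == "T" else ""))
    return notes

def audit(root):
    """Yield (path, symbolic, notes) for entries under root that carry special bits."""
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue
            notes = special_bits(st.st_mode)
            if notes:
                yield path, to_symbolic(st.st_mode), notes

if __name__ == "__main__":
    import sys
    for path, sym, notes in audit(sys.argv[1] if len(sys.argv) > 1 else "/usr/bin"):
        print(f"{sym} {path} {', '.join(notes)}")
```

Running the audit over a directory tree prints one line per entry with a SUID, SGID or sticky bit, in the same rwsr-xr-x style as ls, so the output can be compared against a known-good baseline; an uppercase S or T marks a bit that is set without the matching execute bit.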
In essence, Linux permissions act like a set of rules or keys that dictate who can access or modify certain resources, ensuring security and proper collaboration across the system.