LINUX TIPS AND TRICKS --- April 13, 2001

Published by ITworld.com -- changing the way you view IT
http://www.itworld.com/newsletters
________________________________________________________________________________

Controlling File Permissions
By Danny Kalev

The File Mode
Every file contains a set of permissions that define which processes 
are allowed to access it. The file type (e.g., unnamed pipe, character 
device and so on) and its access permissions are packed within a 16-bit 
integer called the "file mode". The lowest 12 bits thereof indicate the 
file's access permissions and permission modifiers. A file mode is 
often encoded as a string of six octal digits. The low order three 
digits are the access bits, the next digit indicates the file 
permission modifiers, and the final two digits indicate the file type. 
Thus, the file mode 0041755 represents a file type of 04 (note: the 
leading zero indicates an octal number), a file permission modifier 1, 
and the access bits are 0755.

Checking a File's Permission
The access() function declared in <unistd.h> enables a program to check 
whether it can access a given file in a specified manner, for example, 
to check whether it can read a file. access() has the following 
prototype:

    int access (const char * path, int mode);

The mode argument consists of one or more of the following values 
combined using the bitwise OR operator:

    F_OK                    does the file exist?
    R_OK                    can the current process read from the file?
    W_OK                   can the current process write to the file?
    X_OK                    can the current process execute the file?

access() returns 0 if the access mode(s) passed as the second argument 
are permitted. Otherwise, the function returns an EACCESS error code. 
In the following example, the program first checks whether it can 
execute a file, called "myprog.exe", before calling the system() 
function:

    #include <unistd.h>
    #include <stdlib.h>

    int result;
    result = access ("myprog.exe", X_OK);
    if (!result)
    {
     system("myprog.exe");
    }
    else
    {
     printf("no permission");
    }

Changing a File's Permission
The chmod() and fchmod() system calls enable you to change a file's 
access permissions. Both functions are declared in <sys/stat.h> as 
follows:

    int chmod(const char * pathname, mode_t mode);
    int fchmod(int fd, mode_t mode);

A file's permissions apply to an inode. Therefore, if a filename has 
multiple links, then changing its permissions will affect all those 
links. Note that only the root user and the file's owner may change its 
access permissions; other users will get an EPERM error code. chmod() 
takes a string as a file's identifier whereas fchmod() takes a file's 
descriptor instead.

About the author(s)
-------------------
Danny Kalev is a system analyst and software engineer with more than 10 
years of experience, specializing in C++ and object-oriented analysis 
and design on various platforms including VMS, DOS, Windows, Unix, and 
Linux. His technical interests involve code optimization, networking, 
and distributed computing. He is also a member of the ANSI C++ 
standardization committee and the author of ANSI/ISO C++ Professional 
Programmer's Handbook (Que, 1999). Contact him at linuxnl@excite.com.
_____________________________________________________________________

ADDITIONAL RESOURCES

Security basics, Part 1 
Understanding file attribute bits and modes

http://www.itworld.com/jump/lintps_nl/www.itworld.com/Comp/
	3380/swol-1020-unix101/

Security basics, Part 2 
More advice on file attribute bits and modes

http://www.itworld.com/jump/lintps_nl/www.itworld.com/AppDev/
	1177/swol-1201-unix101/

Security improvements mark .Net 
Will tougher measures stop the next ILOVEYOU virus?

http://www.itworld.com/jump/lintps_nl/www.itworld.com/Net/
	3271/itw-0329-dotnetsec/
_______________________________________________________________________

COMMUNITY DISCUSSIONS

Linux Software Development
Hone your Linux development skills, share your expertise, and put out 
the occasional call for help in this discussion for programmers of all 
levels. Moderated by Danny Kalev.

http://www.itworld.com/jump/lintps_nl/forums.itworld.com/
	webx?14@@.ee6b652/319!skip=244

Troubleshooting Unix
Ask questions, offer solutions, and tell your tales in this lively 
discussion of the good, bad, and ugly sides of managing Unix systems.

http://www.itworld.com/jump/lintps_nl/forums.itworld.com/
	webx?14@@.ee6b677/646!skip=620
_______________________________________________________________________

CONTACTS

* For editorial comments, write Andrew Santosusso, Associate Editor, 
  Newsletters at: andrew_santosusso@itworld.com

* For advertising information, write Dan Chupka, Account Executive at:
  dan_chupka@itworld.com

* For recruitment advertising information, write Jamie Swartz, Eastern
  Regional Sales Manager at: jamie_swartz@itworld.com or Paul Duthie,
  Western Regional Sales Manager at: paul_duthie@itworld.com

* For all other inquiries, write Jodie Naze, Product Manager, 
  Newsletters at: jodie_naze@itworld.com
______________________________________________________________________

PRIVACY POLICY

http://www.itworld.com/Privacy/

Copyright 2001 ITworld.com, Inc., All Rights Reserved.
http://www.itworld.com
