Chapter6.Filesystem Security


Chapter 6. Filesystem Security

A simple description of the Linux system (which is also true for Unix) is "On a Linux system, everything is a file; if something is not a file, it is a process." Some entities are more than just files (named pipes and sockets, for instance); the Linux operating system and Linux commands treat them as files. Therefore, to simplify discussions, it is fair to say that everything is a file. A Linux system, just like Unix, does not distinguish between a file and a directory because a directory is just a file containing names of other files. Programs, services, texts, images, and so forth, are all files. Input and output devices, and generally all devices, are considered to be files, according to the system.

Linux systems support multiple users, and to let users share or protect their files, a permissions system is implemented. This protection mechanism has some odd twists. For example, to rename or remove a file, you need write permission for the directory where the file is located. A thorough understanding of how permissions work lets you make your system more secure, share data easily with other users, and protect files from accidental changes. This chapter reviews the basicsand sheds light into some of the dark cornersof Linux filesystem permissions as well as some advanced topics such as access control lists (in addition to permission settings) and filesystem encryption.



    SUSE LINUX Enterprise Server 9 Administrator's Handbook
    SUSE LINUX Enterprise Server 9 Administrators Handbook
    ISBN: 067232735X
    EAN: 2147483647
    Year: 2003
    Pages: 134

    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net