57 lines
1.9 KiB
Markdown
57 lines
1.9 KiB
Markdown
|
---
|
||
|
|
title: "Linux 文件系统中的权限"
|
||
|
|
date: 2021-09-29T21:04:52+08:00
|
||
|
|
tags: []
|
||
|
|
categories: []
|
||
|
|
weight: 50
|
||
|
|
show_comments: true
|
||
|
|
draft: false
|
||
|
|
---
|
||
|
|
|
||
|
|
## 普通权限
|
||
|
|
|
||
|
|
### READ
|
||
|
|
|
||
|
|
对文件来说, 就是文件的读取权限, 如 `cat` .
|
||
|
|
|
||
|
|
对目录来说, 就是查询目录下文件结构的权限, 如 `ls` .
|
||
|
|
|
||
|
|
### WRITE
|
||
|
|
|
||
|
|
对文件来说, 就是文件的写入权限, 如重定向输出到这个文件.
|
||
|
|
|
||
|
|
对目录来说, 就是修改此目录下的文件结构的权限, 包括创建文件/删除文件/移动文件.
|
||
|
|
|
||
|
|
### EXECUATE
|
||
|
|
|
||
|
|
对文件来说, 就是文件的执行权限.
|
||
|
|
|
||
|
|
对于目录来说, 就是进入此目录的权限, 并控制访问此目录中的其他文件或目录的权限, **若无此权限, 则目录的读写权限也会受到影响**.
|
||
|
|
|
||
|
|
## 额外权限
|
||
|
|
|
||
|
|
### SUID (user+s)
|
||
|
|
|
||
|
|
标记到文件(file)时, 此文件在运行时, 会以文件属主的身份运行.
|
||
|
|
|
||
|
|
标记到目录(directory)时, 不会有任何作用.
|
||
|
|
|
||
|
|
> 如命令 `sudo` 就是属主为 root 的添加 SUID 标记的可执行文件.
|
||
|
|
|
||
|
|
### SGID (group+s)
|
||
|
|
|
||
|
|
标记到文件时, 文件在运行时会以文件属组的身份运行.
|
||
|
|
|
||
|
|
标记到目录(directory)时, 所有在此目录下创建的文件, 其属组均会变为该目录的属组. (移动文件至此目录下属组不会改变)
|
||
|
|
|
||
|
|
### STICKY (other+t)
|
||
|
|
|
||
|
|
标记到文件时, 不会产生任何效果.
|
||
|
|
|
||
|
|
标记到目录时, 对于此目录下的所有文件, 将仅有这些文件的属主分别对其有删除权限.
|
||
|
|
|
||
|
|
## 参考:
|
||
|
|
|
||
|
|
1. [https://www.redhat.com/sysadmin/suid-sgid-sticky-bit](https://www.redhat.com/sysadmin/suid-sgid-sticky-bit)
|
||
|
|
2. [https://superuser.com/questions/471844/why-is-setuid-ignored-on-directories](https://superuser.com/questions/471844/why-is-setuid-ignored-on-directories)
|
||
|
|
3. [https://unix.stackexchange.com/questions/21251/execute-vs-read-bit-how-do-directory-permissions-in-linux-work](https://unix.stackexchange.com/questions/21251/execute-vs-read-bit-how-do-directory-permissions-in-linux-work)
|