Week 2 File Management Paper
POS/355
Joey Turner JR
Professor Alicia Pearlman
Most UNIX systems that you will come across are usually based on the control scheme of file access associate with early versions of the UNIX system. In UNIX, every individual user is assigned their own unique user ID that they may use to access files saved in memory. Users are identified by being a part of a private group or various groups which can be identified then by their group ID. When a file is created in LINUS it is identified as being owned by a particular user and marked with the user that created the file’s user id. The file also belongs to whatever group the user is associated with as well or else the group of its parent directory but only if that parent directory has SetGID permission configured. SetGID (SetGIUD) are access rights flags that allow users to run executable (.exe) files with the permission of user ids or group id. Protection bits in sets of twelve are associated with each file as well. The owner ID, group ID, and protection bits are part of the file’s index node-which are a data-structure used to represent a file-system object which can be a file or file directory.
There are 9 of the 12 protection bits that are advocated to the user and group ids owners of the files which control reading, writing, and execute permissions. These nine protection bits then form a system of hierarchy of user id, group id, and all others. The hierarchy is also coupled with the most pertinent priority of file permissions being used. A good example is one in which the file owner has read as well as write permission which means they may edit the file. In the same instance all other members with group ids may have read access while users outside the group have no access rights to the file. When these settings are applied to a specific directory, the read and write bits gives the right to list, create, rename, and delete files in the specified directory. Via the “execute bit” users with file permission may search the directory for elements of the filename but must have read access at least to be able to view the file.
The 3 of 12 bits that are left are used to define special behaviors of files and directories in addition to the access rights bits. Two of the remaining three bits are set ID bits. They are the “set user ID” or SetUID and the “set group ID” or SetGID permission bits. If an exe or executional file has these bit permissions set the operating system functions as the following statements explain: In a situation in which a userID with write capabilities for the file decides to execute, the computer system will then temporarily let that user borrow the rights of the user’s ID of the file creator or the file group from those of the users who are accessing that file with permission. The sequence of events whom were just explained are known as the “effective user ID” and “effective group ID”. Both EUID and EGID are used on top of the “real user ID” and “real group ID” of the executing user when deciding access and control for the particular program.
This change in permission is only applicable while the program is open. When the program is closed file permission returns to the default settings. This feature also is used to create file permissions normally not available to ordinary users in the program. This feature also enables users to access particular information in a controlled manner. On the other hand, when associate with a specified directory, the SetGID permission will show recently created created files inherit the group of this directory. The SetUID permission is also ignored in that situation.
The last bit is called the “sticky bit” and it makes sure that file permissions and can be saved to then be accessed at a later time- but this bit is no longer being used in today’s UNIX systems . These days the “sticky bit” makes sure that only one owner or USERID can modify a file which is very handy for managing person files where the particular directory may be shared or used in public. The user with one particular file permission is then known as the “super user” and is not restrained by the usual file access control constraints as well as also having system wide access. Any program that is programmed to give a SetUID a “super-user” tag is therefore inaccessible but any other user-making the program private to the super-user. This access scheme is adequate when file access requirements align with users and a modest number of groups of users.
It is good to know that in the traditional UNIX file system control scheme is one that uses a protection control domain that is very simplified. The domains are associated with a user and if the user logs into a different domain the user ID must be changed temporarily in order to accommodate the specified change in domain.
