Access Control & OS: Unix's File System

Unix File Hierarchy.  The Unix file system is organized as a hierarchy with the root (/) directory at the highest level. Each directory may contain subdirectories and files. Typically, some of the directories found under the root are usr, bin, sbin, home, var, boot, dev, etc. In Figure 3, user1 and user2 are subdirectories under home. hello.txt is a plain-text file and link_hello is a link file that points to hello.txt. To access the file /test/temp/hello.txt, the system begins its search at the root (/) directory, descends through the test and temp directories in turn, and finally reaches the file hello.txt.

Figure 3

Ownership and Permissions.  Ownership of files in UNIX can be viewed in one of three ways: owner (creator), group, or others. Using this simple notion of ownership, access to files can be controlled by associating a unique user ID (UID) and group ID (GID) with twelve permission bits for each file, as shown below.

Permission Bits

    Extra    |  Owner  |  Group  |  Others
  su  sg  t  |  r w x  |  r w x  |  r w x

Typically these bits are divided into three sets of three bits plus three extra bits, as shown in the table above. The r, w and x bits stand for the read, write and execute permissions of the owner, group and others respectively. su, sg and t stand for the set_user_id, set_group_id and sticky bits. These 4 sets of bits are often written as four octal digits. For example, 100 111 101 101 is represented as 4755. When the su bit is set, whoever executes the file obtains a process whose UID is that of the file's owner. Similarly, if sg is set, the GID of the process becomes that of the file's group.
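The bit layout and octal encoding described above, worked through in code. This is an added example, not part of the original page: it parses the page's 12-bit string into a mode value, renders it as the four octal digits and as the ls-style symbolic form (including the s/S and t/T cases where a special bit is set with or without execute), and flags the setuid/setgid combinations an auditor reviewing a file listing would want to see. The function names are the example's own.

```python
import stat

# Twelve permission bits, high to low, in the order of the page's table:
# su sg t | r w x (owner) | r w x (group) | r w x (others).


def bits_to_mode(bit_string: str) -> int:
    """Parse a 12-digit string such as '100 111 101 101' into a mode int."""
    bits = bit_string.replace(" ", "")
    if len(bits) != 12 or set(bits) - {"0", "1"}:
        raise ValueError("expected 12 binary digits (su sg t rwx rwx rwx)")
    return int(bits, 2)


def mode_to_octal(mode: int) -> str:
    """Render the four octal digits the page describes, e.g. '4755'."""
    return format(mode & 0o7777, "04o")


def mode_to_symbolic(mode: int) -> str:
    """Render the rwx string as ls -l shows it, including s/S and t/T."""
    out = []
    for rbit, wbit, xbit, special, ch in (
        (stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR, stat.S_ISUID, "s"),
        (stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP, stat.S_ISGID, "s"),
        (stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH, stat.S_ISVTX, "t"),
    ):
        out.append("r" if mode & rbit else "-")
        out.append("w" if mode & wbit else "-")
        if mode & special:
            # Upper case marks a special bit set without the execute bit.
            out.append(ch if mode & xbit else ch.upper())
        else:
            out.append("x" if mode & xbit else "-")
    return "".join(out)


def audit_mode(mode: int) -> list:
    """Return the findings a reviewer would note for this mode (constructed rules)."""
    findings = []
    if mode & stat.S_ISUID:
        findings.append("setuid: runs with the file owner's UID")
    if mode & stat.S_ISGID:
        findings.append("setgid: runs with the file's group GID")
    if mode & (stat.S_ISUID | stat.S_ISGID) and mode & stat.S_IWOTH:
        findings.append("world-writable setuid/setgid file")
    return findings
```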