Linux File System and Security

A file system is a method of storing files in folders.

Securing files and directories is a vital component of overall Linux system security.

File Types in Linux

  • Regular files (-): These are text files which contain words, code, scripts, etc., and usually carry a file extension such as .txt, .yml, .py, etc. to show the type of file.

  • Directory (d): A directory is a folder where files and other items are stored. A directory can have two or more directories within it, called subdirectories. More directories can be created within a subdirectory. The first directory is called the parent directory.

  • Link (l): Links are the number of directories existing within a directory.

  • Character device files (c): Located in /dev, this file type allows users and programs to communicate with hardware peripheral devices.

  • Socket (s): This file type is used to communicate between processes. Generally, they are used by services such as (Find services that use socket files). Files under this category are located in /dev/log.

  • Named pipe (p): This file type allows communication between two local processes.

  • Block device (b): Used to govern hardware such as hard drives, memory, etc. Located at /dev/sda.

Linux File Attributes

When you list the content of a directory using $ ls -l or $ ls -al, the output is a table of 9 columns, with each column giving information about the file in each row.

  1. Type: information on the type of file and the permissions available for the file owner, group, and other users.

  2. # of links: this shows the information on the number of hard links to the file. For a directory, the number of hard links is the number of immediate subdirectories it has plus its parent directory and itself. Upon file creation, the number of hard links is 1 because it only has one file. If you create two or more, the number of hard links increases correspondingly. For directories, the parent directory has by default 1 hard link. The sub-directories count as an addition to the number of hard links.

  3. Owner: shows information about the user who owns the file.

  4. Group: the group that owns the file is usually the default group where its owner belongs.

  5. Size: the size of the file measuring from kilobytes.

  6. Month: information on the month when the file was created.

  7. Day: information on the day the file was created.

  8. Time: the time such a file was created.

  9. Name: the name of the file.

Linux File Ownership and Permissions

Linux is a multi-user system. Every file and directory in your account can be protected from or made accessible to other users by changing its access permissions. Every user has the responsibility of controlling access to their files.

There are three owners of a file or directory:

  • User: the user account where the file is created or the user it was changed to.

  • Group: typically the default group of the user, a team of people working on the same project.

  • Other: everyone in the system, including the user and members of the group.

Command to change file ownership

  • chown: changes the user ownership of a file.

  • chgrp: changes the group ownership of a file.

Three types of permissions

  • R — read

  • W — write

  • X — execute, run.

In securing a file system, it is important to know who has the right to read, write and execute.

The command used in changing permissions

  • $ chmod
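The Type column and the three permission classes described above can be decoded with a short script that also flags entries writable by "other". This is an added example, not part of the original page; it assumes GNU coreutils `stat`, and the function names `type_name`, `describe_mode` and `audit_dir` and the `OTHER-WRITABLE` flag are made up for the illustration.

```shell
#!/bin/sh
# Added example, not from the original page. Assumes GNU coreutils `stat`.

# type_name CHAR: name for the first character of the `ls -l` Type column.
type_name() {
    case "$1" in
        -) echo "regular file" ;;
        d) echo "directory" ;;
        l) echo "link" ;;
        c) echo "character device" ;;
        s) echo "socket" ;;
        p) echo "named pipe" ;;
        b) echo "block device" ;;
        *) echo "unknown" ;;
    esac
}

# describe_mode MODE: split a 10-character mode such as -rw-r--r-- into
# "type|user|group|other".
describe_mode() {
    printf '%s|%s|%s|%s\n' \
        "$(type_name "$(printf '%s' "$1" | cut -c1)")" \
        "$(printf '%s' "$1" | cut -c2-4)" \
        "$(printf '%s' "$1" | cut -c5-7)" \
        "$(printf '%s' "$1" | cut -c8-10)"
}

# audit_dir DIR: describe each entry in DIR and flag those that "other" can
# write to. Links are not flagged: their own mode is always lrwxrwxrwx on
# Linux and is not used for access checks.
audit_dir() {
    for f in "$1"/*; do
        [ -e "$f" ] || [ -L "$f" ] || continue
        mode=$(stat -c '%A' "$f")
        flag=""
        case "$mode" in
            l*) ;;
            ????????w*) flag="|OTHER-WRITABLE" ;;
        esac
        printf '%s|%s%s\n' "$(basename "$f")" "$(describe_mode "$mode")" "$flag"
    done
}

# Audit the directory given as the first argument, if any.
if [ $# -gt 0 ]; then audit_dir "$1"; fi
```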

ACCESS CONTROL LIST

An access control list is a layer that operates on top of permissions and allows permissions to be applied to any disk resource per user. Access control lists add a more flexible permission mechanism to file systems. They are intended to help with UNIX file permissions as well as to apply group-related permissions to users who are not members of a group without adding them to the group.

ACL Commands

  • $ setfacl: allows you to set the permissions the way you want.

  • $ getfacl: shows the existing information for a file, including its permissions.

ACL USE CASE

  • To add permission for the user

$ setfacl -m u:Tessa:rwx filename

Here setfacl is the command, -m stands for modify, u:Tessa:rwx gives the user (u), the username and the permissions, and filename is the name of the file, or simply the path to the file.

  • To add permission to a group

$ setfacl -m g:group:rwx filename

  • To allow all files or directories to inherit ACL entries from the directory they are within

$ setfacl -dm "entry" filename

  • To remove a specific entry, such as read, write, execute permissions

$ setfacl -x u:username filename