UW Home > UWIN > Computing and Networking > Unix > Unix Basics

Protecting Your Account and Files

Included on this page:

File and Directory Permissions and Access
Change Your Password
Managing Your Account
View Your Account Resources

Like a house or automobile, Uniform Access computer accounts must be protected. If you are not careful, your account and files can be broken into, vandalized, or even stolen by unlawful computer users.

File and Directory Permissions and Access

You decide who can use your files and directories by setting permissions. Each file and directory has three types of permissions:

Read (r) gives permission to view, print, and copy.
Write (w) gives permission to edit, delete, and save.
Execute (x) gives permission to run an executable file, such as a program. In the case of a directory, (x) allows you to change to that directory.

You set these permissions for three classes of users:

You, the owner of the file.
Your group.
All others.

You can view the permissions of your files using the ls -l command. The ls -l command lists the contents of your directory in long format. For example:

`drwxr-xr-x`	`2 userid`	`512 Sep 14 08:24`	`Sales`
`drwxr-xr-x`	`2 userid`	`512 Sep 14 08:24`	`Receipts`
`-rw-r--r--`	`1 userid`	`0 Sep 14 08:24`	`budget`

Figure 3: Permission Settings for a File and a Directory

[Graphic: Permission Settings for a File and a Directory]

The first character indicates file type: a - (hyphen) indicates an ordinary file, and a d indicates a directory. Unix considers the next nine characters as three sets of three. The first set of three determines the owner's permissions, the second set determines the group's permissions, and the third set determines all others' permissions.

If you wish to change the permissions of a file or directory, you can use the chmod (change mode) command. The chmod command uses a number code. Each permission setting corresponds to a number between 0 and 7. For each file or directory, you assign three numbers between 0 and 7.

The first number gives the permissions for the owner.
The second number gives the permissions for the owner's group.
Note: On Uniform Access accounts the group permission has no meaning because all users belong to the same group and no other groups can be formed.
The third number gives the permissions for all others.

The following shows how the permissions correspond to each number code:

7	Read, Write, and Execute	`(rwx)`
6	Read and Write only	`(rw-)`
5	Read and Execute only	`(r-x)`
4	Read only	`(r--)`
3	Write and Execute only	`(-wx)`
2	Write only	`(-w-)`
1	Execute only	`(--x)`
0	No Permissions	`(---)`

To change the permissions of a file, enter:

chmod code file

Where code is the three-digit number corresponding to the permissions you desire.

Note: When you set permissions for a file that you want others to use, you must make sure that your directories along the pathname leading to the file also have the appropriate permissions.

To set the permissions of a file so other users cannot read or write to it, enter:

chmod 600 file

To see the new permissions for the file you specify, use the ls -l file commmand.
The permissions should now be -rw------

Change Your Password

You can help keep your account safe by choosing a hard-to-guess password.

To change your password, enter:

passwd

This initiates a program that first verifies your old password, then lets you type a new password, and finally asks you to retype your new password.

Keep these items in mind when choosing a password:

Do not use words from the dictionary; instead, create a unique password by mixing uppercase letters, lowercase letters, numerals, and punctuation (e.g., i8myDog, eyeCu!, Jo?hNny).
Do not write your userid and password next to each other, or tell them to others. Doing either could give people access to your account and files, and they could then do things on your behalf such as send email.
Change your password frequently (at least once a month). You are required to change it every 120 days.

Managing Your Account

When you create an account on a Uniform Access computer, you are given an allotment of computer resources. These resources include:

Disk space-the amount of space your files take up on the computer.
Connect time-the amount of time you are logged into the system.
Central processing unit (CPU) time-the amount of time the computer must spend to execute your commands.

View Your Account Resources

To view your account's resources, and your use of those resources, enter:

assets

Figure 4: Assets Command Display

[Graphic: Assets Command Display]

This shows both your threshold, the amount you are allotted, and your usage averaged over a five-day period. When your CPU usage goes beyond your threshold amount, the computer will assign your commands a lower priority, and they will take longer to complete. If you exceed your disk space limit, you will be warned and given some time to clean up your account.

The du (disk usage) command is useful for viewing the amount of disk space, measured in kilobytes, each of your directories occupies.

To view your account's disk usage, enter:

du

For more information about accounts, enter:

help accounts

If you are like other Uniform Access users, you may eventually use up your account's resources. Before you panic, try some of the following techniques:

Remove the files you no longer need such as old email, practice files.
Check for a file named core and remove it.
Compress large files with the compress command (see the Unix Quick Reference or enter man compress for more information).

For more information about disk space and use, enter:

help diskuse