Protecting Your Account and Files
Included on this page:- File and Directory Permissions and Access
- Change Your Password
- Managing Your Account
- View Your Account Resources
Like a house or automobile, Unix computer accounts must be protected. If you are not careful, your account and files can be broken into, vandalized, or even stolen by unlawful computer users.
File and Directory Permissions and Access
You decide who can use your files and directories by setting permissions. Each file and directory has three types of permissions:- Read (r) gives permission to view, print, and copy.
- Write (w) gives permission to edit, delete, and save.
- Execute (x) gives permission to run an executable file, such as a program. In the case of a directory, (x) allows you to change to that directory.
You set these permissions for three classes of users:
- You, the owner of the file.
- Your group.
- All others.
You can view the permissions of your files using the ls -l command. The ls -l command lists the contents of your directory in long format. For example:
| drwxr-xr-x | 2 userid | 512 Sep 14 08:24 | Sales | ||
| drwxr-xr-x | 2 userid | 512 Sep 14 08:24 | Receipts | ||
| -rw-r--r-- | 1 userid | 0 Sep 14 08:24 | budget |
Figure 3: Permission Settings for a File and a Directory
![[Graphic: Permission Settings for a File and a Directory]](/computing/unix/startdoc/graphics/figure3.gif)
The first character indicates file type: a - (hyphen) indicates an ordinary file, and a d indicates a directory. Unix considers the next nine characters as three sets of three. The first set of three determines the owner's permissions, the second set determines the group's permissions, and the third set determines all others' permissions.
If you wish to change the permissions of a file or directory, you can use the chmod (change mode) command. The chmod command uses a number code. Each permission setting corresponds to a number between 0 and 7. For each file or directory, you assign three numbers between 0 and 7.
- The first number gives the permissions for the owner.
- The second number gives the permissions for the
owner's group.
- The third number gives the permissions for all others.
The following shows how the permissions correspond to each number code:
| 7 | Read, Write, and Execute | (rwx) | |||
| 6 | Read and Write only | (rw-) | |||
| 5 | Read and Execute only | (r-x) | |||
| 4 | Read only | (r--) | |||
| 3 | Write and Execute only | (-wx) | |||
| 2 | Write only | (-w-) | |||
| 1 | Execute only | (--x) | |||
| 0 | No Permissions | (---) |
To change the permissions of a file, enter:
chmod code file
Where code is the three-digit number corresponding to the permissions you desire.
Note: When you set permissions for a file that you want others to use, you must make sure that your directories along the pathname leading to the file also have the appropriate permissions.
|
To set the permissions of a file so other users
cannot read or write to it, enter:
chmod 600 file To see the new permissions for the file
you specify, use the ls -l
file commmand. |
Change Your Password
You can help keep your account safe by choosing a hard-to-guess password.To change your password, enter:
passwd
This initiates a program that first verifies your old password, then lets you type a new password, and finally asks you to retype your new password.
Keep these items in mind when choosing a password:
- Do not use words from the dictionary; instead, create a unique password by mixing uppercase letters, lowercase letters, numerals, and punctuation (e.g., i8myDog, eyeCu!, Jo?hNny).
- Do not write your userid and password next to each other, or tell them to others. Doing either could give people access to your account and files, and they could then do things on your behalf such as send email.
- Change your password frequently (at least once a month). You are required to change it every 120 days.
Managing Your Account
When you create an account on a Unix computer, you are given an allotment of computer resources. These resources include:- Disk space-the amount of space your files take up on the computer.
- Connect time-the amount of time you are logged into the system.
- Central processing unit (CPU) time-the amount of time the computer must spend to execute your commands.
View Your Account Resources
The du (disk usage) command is useful for viewing the amount of disk space, measured in kilobytes, each of your directories occupies.
To view your account's disk usage, enter:
du
If you are like other Unix users, you may eventually use up your account's resources. Before you panic, try some of the following techniques:
- Remove the files you no longer need such as old email, practice files.
- Check for a file named core and remove it.
- Compress large files with the compress command (see the Unix Quick Reference or enter man compress for more information).
