Custom Search

Wednesday, June 1, 2011

How To change permission of file folder so only root can access open it

How To change permission of file folder so only root can access open it

1. Change the ownership of the directory / file to root
chown root:root

2. Change the permissions so that only the owner of the file can read/write/execute it
chmod 700

-----------------------------------

How to change file permission in Linux so that only root user can access/open the file/dir

sudo chown root:root filename
sudo chmod 600 filename


If it's an executable, use 700 for the permissions.

You can also specify the permissions in a symbolic style:

sudo chmod u=rw filename


-------------------------------------

1) chmod 0700
The directory’s owner can read or write files in that directory as well as change to it.
All other users (except root) have no access.


2) chmod 0771
Same as for the owner. All other users can change to the directory, but not view or
change files in the directory. This can be useful for server hardening,
where you prevent someone from listing directory contents,
but allow access to a file in the directory if someone already knows it’s there.


3) chmod 0777
All permissions are wide open.


4) chmod 0000
All permissions are closed. Good to protect a directory from errant changes.
However, backup programs that run as non-root may fail to back up the directory’s contents.


5) chmod 666
Open read/write permissions completely on a file.


6) chmod 644
Only the owner can change or delete the file, but all can view it.


The first 0 in the mode line can usually be dropped (so you can use 777 instead of 0777).
The -R option is a handy feature of the chmod command. With -R, you can
recursively change permissions of all files and directories starting from a
point in the file system. Here are some

examples:
$ sudo chmod -R 700 /tmp/test Open permission only to owner below /tmp/test
$ sudo chmod -R 000 /tmp/test Close all permissions below /tmp/test
$ sudo chmod -R a+rwx /tmp/test Open all permissions to all below /tmp/test


No comments:

Post a Comment