LINUX PERMISSIONS AND GROUPS

 Linux is inherently more secure than other operating systems by the wide range of permissions that it uses for each individual file. Most new users who install Linux on their desktops will do so in a way that their default user has access to the Wheel group. The Wheel group manages things like installing to and uninstalling from as well as system configurations using sudo privilege. It does this in a way that is secure. Normally the user won’t directly be able to access these services without typing sudo or super user do. Sudo tells the shell that the user is requesting elevated privilege directly and asks for the sudo password found in the passwd file. Sudo also suggest switching a user from the normal group level of User to Wheel, but unless the user’s name is already in the Wheel, the user will not be able to gain root access anyway, not even with a password. This type of access control prevents many user apps from gaining access to Kernel space memory and control. In Linux, each group is separate from the other with Wheel controlling the lot, however, by default, to edit and read many system files the user must have root access and have his/her name in the Wheel. This trickles down to individual file permissions as well. File permissions have a specific number or series of numbers assigned to them; such as 4, 0, 1. The first number defines what user the file is tied to, the second refers to the group and the final one defines the permissions respectively. These numbers usually come in three digits and are added up for specific types of permission. For instance, 777 gives the file across the board permissions and each number represents another access permission. The three big ones are read, write, and execute. Execution of a particular file is not the same as in Windows. Windows executables will not work on Linux, but in this sense of the word, executable means that the file can perform functions on the system such as the case for bash scripts. This gives it rights to access system configuration and run system commands freely if ran by a user of equal privilege and status. A better example is if I were root and I created a text file, If I gave the file access to other users but kept the file as root, others would be able to read the file but not write to it. That privilege remains with the root user who created it. Most of the time when making a script file executable, I use the command chmod +x where x means executable chmod changes the file credentials to allow that to happen. Chmod works with the aforementioned numbers as well, but since chmod +x is a quick and painless way to tell the system to execute the file for the originating user, it is simpler to do it this way, however, sometimes in Arch Linux systems, after an update, a file changes permissions where root files are typically 777 these come out as 775 or 755 and these are not correct, though in most cases it doesn’t cause an issue, but this depends greatly on the file. In such a scenario it would be easy enough to change by using sudo chmod and the numbers required. Chown deals mainly with groups but works in a similar way to chmod. Chown means change ownership and it allows the user to change a file’s user and group name to that of say root for example. Sudo chown $USER $GROUP $Filename is the syntax often used when running this command. Permissions are a lot more confusing in Linux than in Windows and the way Linux handles permissions is even more confusing. I will link some resources below that explain these things in more detail and with more elegance than I can do in this article.

Elithecomputerguy's Video About Permissions In Linux