Chapter 3 Linux Permissions
Linux has something new, and a little challenging to understand at first: Permissions
So, when you have one user on one computer on one desk, security and privacy is easy. Turn the light off and lock the door. Done!
What happens when multiple people can access the computer from anywhere, including the internet? Not so easy! So, Linux has a strict permission system. Every user has his own directory under /home. So, Tom, Dick and Harry infers there is a /home/tom, /home/dick and /home/harry directory. There is also another user by default known as root. He owns all the operating system files. Tom, Dick and Harry all work for XYZ company. You can now form groups. By default, Tom belongs to the group tom. Dick belongs to the group dick. Harry belongs to the group harry. root belongs to the group root. You now create a group named XYZ, and add Tom, Dick and Harry. Dick and Harry are working on a hot project called Hot. So, you create a group called hot and add Dick and Harry.
Every file has three sets of permissions. Owner, Group and Other. Each branch is given permission to read, write, execute. Tom writes a document. He becomes the owner of this document. By default, he can read, write and execute this file. It will default also to the group tom. He decides if members of his group, and all others (Like over the internet) can read, write or execute his file. If Tom assigns this file to the group XYZ, He can say that Dick and Harry can read and write this file, but outsiders can only read it. Dick is working with Harry on the Hot project. He creates a file and assignes it to the group hot. He can decide that he can read, write and execute this file, Harry can only read it, and Tom as well as everybody else can do nothing. So, every file has a Owner, Group and Other category, and the file creator decides who can read, write or execute each individual file. So, we can decide that Tom is in charge of the computers. We include him in the group root. He can now, with the proper password, perform system functions by his inclusion in the group root. This is a lot to swallow, but as you play with it, it will make more sense. The good news is that, for the most part, following the directions for a project, it will be taken care of. You can set up many groups with different permissions to suit who you want your files to be seen by and who can do what.
So, we have the basics. It's now time to set up a Pi.
Jim Albrecht, K2BHM