Imagine a system that supports 5,000 users, where the administrator wants to allow 4,990 of those users access to one file. What would the protection scheme look like? Before we can answer that question, it helps to understand how file access and protection schemes work. Early versions of UNIX introduced a file access control scheme in which each user is given a unique user identification number, or user ID. According to the text, a user is also a member of a primary group and can possibly belong to other groups as well, each identified by a group ID (Stallings, 2012). Files created by a user are marked with that user’s ID. The file also belongs to a specific group, whether it is the primary group or a group belonging to a parent directory that has SetGID permissions set. Twelve protection bits are then assigned to each file; this includes the owner ID, group ID, and other protection bits that are part of the file’s inode (Stallings, 2012).
Here is an example of what the protection bits would look like:
rwx | rwx | rwx
Each letter in the sequence represents the kind of permission being given. The “r” stands for read, the “w” stands for write, and the “x” stands for execute. The first set represents the owner’s permissions, the second set is the group’s, and the third set applies to everyone else (other). These permissions can be turned on and off; the off position is represented by a “-”. In other words, if I wanted to give only the owner full permissions to read, write, and execute, allow the group only to read and execute, and leave others with only the ability to read, I would set the protection as:
r w x | r - x | r - -
As you can see, the first segment contains “r w x”, which means the owner has permission to read, write, and execute the specified file. In the next segment the permissions are specified as “r - x”, which means the group can only read and execute and is not allowed to write to the file. The...
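The permission string above, worked through in code. This is an added example, not part of the original essay; the UIDs and GIDs are constructed, and the names `FileEntry`, `parse_mode` and `allowed` are hypothetical. It goes slightly beyond the text by showing that only one class is ever consulted (owner, else group, else other), so a group member can be denied something that others are allowed.

```python
# Added example: parse the "rwx | r-x | r--" notation and apply the
# UNIX class-selection rule (owner, then group, then other).
from dataclasses import dataclass

@dataclass(frozen=True)
class FileEntry:
    owner_uid: int
    group_gid: int
    mode: int  # low nine permission bits, e.g. 0o754

def parse_mode(text: str) -> int:
    """Turn 'r w x | r - x | r - -' (spaces and bars optional) into 0o754."""
    chars = [c for c in text if c not in " |"]
    if len(chars) != 9:
        raise ValueError(f"expected 9 permission characters, got {len(chars)}")
    mode = 0
    for i, c in enumerate(chars):
        expected = "rwx"[i % 3]
        if c == expected:
            mode |= 1 << (8 - i)      # leftmost character is the highest bit
        elif c != "-":
            raise ValueError(f"position {i}: expected {expected!r} or '-', got {c!r}")
    return mode

def allowed(f: FileEntry, uid: int, gids: set, want: str) -> bool:
    """Exactly one class applies: owner if the UID matches, otherwise group if
    any of the caller's GIDs matches, otherwise other. There is no fall-through.
    Superuser override and ACLs are not modeled here."""
    if uid == f.owner_uid:
        shift = 6
    elif f.group_gid in gids:
        shift = 3
    else:
        shift = 0
    bits = (f.mode >> shift) & 0b111
    need = {"r": 4, "w": 2, "x": 1}
    return all(bits & need[p] for p in want)

if __name__ == "__main__":
    # Constructed identities: owner UID 1000, file group GID 100.
    f = FileEntry(1000, 100, parse_mode("r w x | r - x | r - -"))
    print(oct(f.mode))
    for label, uid, gids in [("owner", 1000, {100}), ("group member", 1001, {100}),
                             ("other", 2000, {200})]:
        print(label, {p: allowed(f, uid, gids, p) for p in "rwx"})
    # Class selection is first-match: group '---' beats other 'r--'.
    g = FileEntry(1000, 100, parse_mode("rw- | --- | r--"))
    print("group member read:", allowed(g, 1001, {100}, "r"))
    print("other read:", allowed(g, 2000, {200}, "r"))
```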