Linux permissions explained
When solving CTF challenges or exploiting boxes you might need to know how Linux file/directory permissions work.
In this post we plan to explain in a concise and short way how they work and how you can manipulate them on your own hacks.
Linux permission levels
There are three permission levels in Linux, which are:
- User account (u): which stands for the current user session;
- User group (g): which stands for the group that the current user belongs to;
- Other user accounts (o): which stands for the remaining users.
Linux basic permissions
There are three basic permissions:
- Read (r): this gives reading permissions to the user;
- Write (w): this gives writing permissions to the user;
- Execute (x): this gives permission for the user to execute the file.
Read and change file permissions in Linux:
How to read file permissions:
To read file permissions you can run the command ls -l where the ls stands for list and the -l stands for: use a long listing format (from the ls manual (man ls)).
Below you have an example of such command:
As you can see from the image above, file1, 2 and 3 have the following permissions:
In the image above you can observe that SoBatista (which is the user account, highlighted in red in Image 1), has permission to read and write: rw-. For the user group accounts, (in this case the user group name is SoBatista, same as the user account, as displayed in Image 1) only have read permission: r–. And lastly, the other accounts also only have read permission: r–.
How to change file permissions:
To change file permissions you need to use the chmod command (which stands for change mode).
Two examples of the usage of the chmod command can be found below:
$ chmod +x file1
$ chmod 755 file1
The example above, gives to all levels (user, group and others) the execution permission for file1. The first command, only adds the execution permission to whatever is already permitted for the file1. The second command, gives file1 the exact permission combination: -rwxr-xr-x
As you can see above, there are two different ways to edit file permissions, either you use octal (numeric) or string.
$ chmod u+rwx file1
$ chmod 700 file1
Above you have another 2 examples, the first one gives only to the user account the permissions to read, write and execute file1. The second example gives file1 the exact permission combination: -rwx- – – – – –
Below you can find a table that represents the equivalence between the octal, the binary and the string representation.
string representation | octal number representation |
— | 0 |
–x | 1 |
-w- | 2 |
-wx | 3 |
r– | 4 |
r-x | 5 |
rw- | 6 |
rwx | 7 |
A few exercises
Consider the image below:
Now you can practice and try to make the edit the file, or make it possible for other users in your group to read it as well, or some other permissions. Play with it as you like!
Challenge 1: Give the user account write permissions on the file.
Challenge 2: Give the all permissions to the file (-rwxrwxrwx).
Challenge 3: Give execution permissions to the file (-rwxr-xr-x).
Feel free to practice some other permissions combinations. It is important to understand this and be able to tweak with these permissions in the command line. In our hacking journey we came across some boxes and challenges in which we had to change the permissions of the file in order to exploit the box and solve the challenge.
We hope this useful and helpful.
Thank you very much for reading!
Cheers,
MRegra & SoBatista
One Reply to “Linux permissions explained”