Controlling File and Directory Permissions
53
operating system, permissions
are represented in binary, so ON and OFF
switches are represented by 1 and 0, respectively. You can think of the
rwx
permissions as three ON/OFF switches, so when all permissions are
granted, this equates to 111 in binary.
A binary set like this is then easily represented
as one digit by convert-
ing it into
octal, an eight-digit number system that starts with 0 and ends
with 7. An octal digit represents a set of three binary digits, meaning we
can
represent an entire
rwx
set with one digit. Table 5-1 contains all possible
permission combinations and their octal and binary representatives.
Table 5-1:
Octal and Binary
Representations of Permissions
Binary
Octal
rwx
000
0
---
001
1
--x
010
2
-w-
011
3
-wx
100
4
r--
101
5
r-x
110
6
rw-
111
7
rwx
Using this information, let’s go through some examples. First, if we
want to
set only the read permission, we could consult Table 5-1 and locate
the value for read:
r w x
4 - -
Next, if we want to set the permission to
wx
, we could use the same
methodology and look for
what sets the
w
and what sets the
x
:
r w x
- 2 1
Notice in Table 5-1 that the octal representation for
-wx
is 3, which not
so coincidently happens to be the same value we get when we add the two
values for setting
w
and
x
individually: 2 + 1 = 3.
Finally, when
all three permissions are on, it looks like this:
r w x
4 2 1
And 4 + 2 + 1 = 7. Here, we see that in Linux, when all the permission
switches are on, they are represented by the octal equivalent of 7.
54
Chapter 5
So, if we wanted to represent all permissions for the owner, group, and
all users, we could write it as follows:
7 7 7
Here’s where the shortcut comes in. By passing
chmod
three octal digits
(one for each
rwx
set),
followed by a filename, we can change permissions on
that file for each type of user. Enter the following into your command line:
kali >
chmod 774 hashcat.hcstat
Looking at Table 5-1, we can see that this statement gives the owner all
permissions, the group all permissions, and everyone else (other) only the
read permission.
Now we can see whether those permissions
have changed by running