Unix File System Management
In a system as large as 5,000 users, file security is important. In the UNIX method, each user of the system is given an identification number (User ID). Each user is also part of a primary group of users, and can be a member of several other groups as well. When a user creates a file, the file is owned by that particular user and is marked with his or her User ID. This is referred to as the “Owner ID.” The file is also initially set to belong to that user’s primary group, which means the file also carries that group’s ID.
In UNIX, each file has 12 protection bits. Nine of these bits specify read, write, and execute permissions for users. The other three bits specify special additional behaviors that are outside this paper’s scope. A hierarchy is used in determining access to the file: first the owner of the file (user), then other members of the group to which the file belongs (group), and finally all other users (other). We can view the accessibility of the file graphically as follows:
As we can see, the owner’s class can be set to allow read (R), write (W), and execute (E) permissions, while the owner’s group can read and write to the file, and everyone outside the owner’s group can only read the file.
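The hierarchy described above, as an added example that is not part of the original paper: it splits the 12 protection bits into the special bits and the three permission classes, then shows which single class applies to a given user. The UID and GID values are constructed, and the letters r, w, x are the conventional `ls -l` notation for what the text calls R, W, E.

```python
import stat


def split_mode(mode):
    """Split the 12 protection bits into (special, owner, group, other)."""
    special = (mode >> 9) & 0o7  # the three special bits, not covered here
    owner = (mode >> 6) & 0o7
    group = (mode >> 3) & 0o7
    other = mode & 0o7
    return special, owner, group, other


def triplet(bits):
    """Render one 3-bit class as r/w/x letters, '-' where a bit is clear."""
    return "".join(c if bits & m else "-" for c, m in (("r", 4), ("w", 2), ("x", 1)))


def allowed(mode, file_uid, file_gid, uid, gids):
    """Return the rwx string that applies to one user.

    Exactly one class is consulted: owner if the User ID matches the
    Owner ID, otherwise group if any of the user's groups matches the
    file's group ID, otherwise other. The classes are never combined.
    The superuser is ignored in this sketch.
    """
    _, owner, group, other = split_mode(mode)
    if uid == file_uid:
        return triplet(owner)
    if file_gid in gids:
        return triplet(group)
    return triplet(other)


# Constructed sample: mode 0764 (rwxrw-r--), owner UID 1001, group GID 200.
MODE, OWNER_UID, FILE_GID = 0o764, 1001, 200

if __name__ == "__main__":
    print(stat.filemode(stat.S_IFREG | MODE))
    users = (
        ("owner", 1001, {200}),
        ("group member", 1002, {300, 200}),
        ("outsider", 1003, {300}),
    )
    for name, uid, gids in users:
        print(name, allowed(MODE, OWNER_UID, FILE_GID, uid, gids))
    # Owner class wins even when it grants less than the group class.
    print("owner, mode 0064:", allowed(0o064, OWNER_UID, FILE_GID, 1001, {200}))
```

The last call is the case worth checking on a real system: a mode that gives the group more than the owner still locks the owner out, because only the first matching class is evaluated.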
Access Control Lists
To find a solution in which only 4,990 users on the 5,000-user system can access a certain file, Access Control Lists need to be explained. Modern UNIX operating systems such as FreeBSD support file access control lists. (BSD stands for Berkeley Software Distribution, which is a form of catch-all term referencing UNIX-like systems.) Using FreeBSD, the system administrator can assign a certain number of UNIX user IDs and groups to a file by utilizing the setfacl command. The system administrator can then create an access