如下是UNIX系统中目录权限和文件权限的含义:
TABLE 1. UNIX DIRECTORY Permissions
| WHO | WHAT THE PERMISSIONS ALLOW | |
|---|---|---|
| USER | Read (r) | The account owner can list the files in the directory. |
| Write (w) | The account owner can create or delete files in the directory. | |
| Execute (x) | access files in that directory by name (such as Web page files). | |
| GROUP | Read (r) | Everyone in the designated group can list the files in the directory. |
| Write (w) | Everyone in the group can create or delete files in the directory. | |
| Execute (x) | Everyone in the group can change (cd) into the directory and access files in that directory by name (such as Web page files). | |
| OTHER | Read (r) | Anyone can list the files in the directory. |
| Write (w) | Anyone can create or delete files in the directory. | |
| Execute (x) | Anyone can change (cd) into the directory and access files in that directory by name (such as Web page files). | |
TABLE 2. UNIX FILE Permissions
| WHO | WHAT THE PERMISSIONS ALLOW | |
|---|---|---|
| USER | Read (r) | The account owner can read the file. |
| Write (w) | The account owner can modify or delete the file. | |
| Execute (x) | The account owner can run the file as a program. | |
| GROUP | Read (r) | Everyone in the designated group can read the file. |
| Write (w) | Everyone in the group can modify or delete the file. | |
| Execute (x) | Everyone in the group can can run the file as a program. | |
| OTHER | Read (r) | Anyone can read the file. |
| Write (w) | Anyone can modify or delete the file. | |
| Execute (x) | Anyone can run the file as a program. | |
对于文件的权限,实际上并不象表2中所示那样简单。因为考虑一个文件的权限时,还需要考虑文件所在的各级目录的权限问题(root用户除外)。
1. 用户对文件的读权限
需要满足条件:
(1) 对于文件本身,用户有读权限,即表2中所列的读(r)权限。
(2) 对于文件所在的各级目录(从根目录一直到文件所在目录),用户均需有执行(x)权限,即父目录具有x权限,否则,用户无法访问目录。
2. 用户对文件的删除权限
文件本身的权限中并没有对“删除”权限的限制,实际上对文件的“删除”权限,是通过目录的写(w)权限来限制的。
需要满足条件:
用户在文件所在各级目录上都有执行(x)权限,同时需要在文件所在目录(注意不是各级目录)具有写(w)权限。
3. 用户对文件的写权限 (与读权限类似)
需要满足条件:
(1) 对于文件本身,用户有写权限,即表2中所列的写(w)权限。
(2) 对于文件所在的各级目录(从根目录一直到文件所在目录),用户均需有执行(x)权限。
4. 用户对文件的创建权限 (与删除权限类似)
文件本身的权限中并没有对“创建”权限的限制,对文件的“创建”权限,是通过目录的写(w)权限来限制的。
需要满足条件:
用户在各级目录上都有执行(x)权限,同时需要在创建文件的目录上具有写(w)权限。
5. 列出目录中文件权限
需要满足条件:
用户在各级目录上都有执行(x)权限,同时需要在最后一级目录上具有读(r)权限。