| 
  • If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

  • You already know Dokkio is an AI-powered assistant to organize & manage your digital files & messages. Very soon, Dokkio will support Outlook as well as One Drive. Check it out today!

View
 

AccessControl

Page history last edited by Patrick 6 years, 7 months ago

Lecture Overview

 

  • In this lecture I will cover a number of important commands including how to:

 

    • manage users
    • change file permissions
    • change directory permissions

 

  • This is crucial to security in IT.  Who owns a file as well as permission related to a file determine what a user can do to it.  Do you really want EVERY user to be able to read, change/modify, and delete a file? Heck no!  This video will show you how to manager users and permissions so that only certain users have limited permissions necessary to do their job. In the second video I demonstrate how to add users to different groups, and change group permissions to allow users to read/write/execute on certain directories and files.  You do know about the military data classification/clearance scheme, right?  Data can be classified as unclassifiedconfidentialsecret, and top secret.  Users have clearance levels: secrettop secret. (It's actually a little more complicated than this, but let's go with this simple explanation for now).  Users who have a secret clearance may read a document if a) the document is classified as secret or lower, and b) a need to know (that is, it's important to his/her job). A user with a secret clearance cannot read any document classified as top secret.  Users with a top secret clearance can read data classified as secret and top secret (as long as they have a need to know).  This type of access control (called mandatory access control) is an important means of ensuring the confidentially and integrity of the data.  Discretionary access control is the type of access control used by Linux (leaving it to the user to indicate who can read/change what).
  • In the second video I show how to create users and groups, put users into different groups, change directory permissions so that only certain group members can read certain directories and files.  This will be an important part of your job as an IT/security/network administrator. 

 

  • NOTE: It is important that you follow along, that is, duplicate, what I'm while watching the video.  When I demonstrate a command, you should have your Linux running, and do what I do.  You can pause the video and restart it when you are ready to progress.

 

 

Readings

 

Video Lectures:

 

 

Additional Supporting Material:

Man pages:

 

External Links:

 

 

Comments (0)

You don't have permission to comment on this page.