PERMS(3): file permissions and permission checks
DESCRIPTION
Files are described by directory entries as described in dir(3). Read that before reading the description of permission checks that follows.
Users and groups are defined by the authentication protocol spoken when dialing file systems. They are local to each file tree.
In general, only bits 0777 are honored and their semantics are those used by UNIX for both files and directories, except for what follows.
- Users in the group are granted permission either by the group
bits or by the other bits.
- The owner is granted permissions by its bits, or the group bits,
or the other bits.
- When new files or directories are created, their group is set to
that of the containing directory unless a different one is specified
in the system call.
- The group mode bits for new files and directories are masked
with those of the containing directory, and then any group bit set in
the containing directory is set if it is also set for the user. (NOTE:
not yet for the second edition).
- Moving a file requires just write permissions in the parent
directories for the old and new locations.
- Creating a file requires write permission in the file (if it
existed) or in the parent dir (if it did not exist).
- Only the owner may change the mode of a file.
- Changing the size using wstat requires write permissions on the file.
- Uids (except for wuid) can be changed by the owner but only if the owner is
elf or the owner is also in the target uid.
- Only the owner or anyone with write permission on a file may
change mtime or other attributes not described before.
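The first two rules above are where these checks depart from UNIX, where only the first matching class (owner, then group, then other) decides. The Go program below is an added example, not code from the system this page documents; the File type, the function names and the explicit group list are assumptions made for illustration.

```go
package main

import "fmt"

// File carries the attributes a check needs (constructed type for this example).
type File struct {
	Uid, Gid string
	Mode     uint32
}

// classes reports whether user owns f and whether user belongs to f's group.
func classes(f File, user string, groups []string) (owner, member bool) {
	for _, g := range groups {
		member = member || g == f.Gid
	}
	return user == f.Uid, member
}

// PermsBits applies the rules above: other bits for everyone, plus group bits
// for group members and the owner, plus owner bits for the owner.
func PermsBits(f File, user string, groups []string) uint32 {
	owner, member := classes(f, user, groups)
	bits := f.Mode & 07 // only 0777 is honored
	if member || owner {
		bits |= (f.Mode >> 3) & 07
	}
	if owner {
		bits |= (f.Mode >> 6) & 07
	}
	return bits
}

// UnixBits is the UNIX rule for comparison: the first matching class decides.
func UnixBits(f File, user string, groups []string) uint32 {
	owner, member := classes(f, user, groups)
	switch {
	case owner:
		return (f.Mode >> 6) & 07
	case member:
		return (f.Mode >> 3) & 07
	}
	return f.Mode & 07
}

func main() {
	// Constructed sample: 0604 tries to keep group staff out of a world-readable file.
	f, staff := File{Uid: "alice", Gid: "staff", Mode: 0604}, []string{"staff"}
	fmt.Printf("bob (staff): unix=%o perms=%o\n", UnixBits(f, "bob", staff), PermsBits(f, "bob", staff))
}
```

With mode 0604 the staff member gets no access under the UNIX rule but read access under the rules above, so clearing the group or owner bits cannot be used to exclude someone that the other bits admit.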