Path: utzoo!utgpu!jarvis.csri.toronto.edu!rutgers!tut.cis.ohio-state.edu!att!cbnewsl!dww From: dww@cbnewsl.ATT.COM (david.w.weatherford) Newsgroups: alt.sources Subject: Re: chmod args (was Re: Need a "watching" program) Keywords: chmod Message-ID: <714@cbnewsl.ATT.COM> Date: 2 Jun 89 19:29:52 GMT References: <8923@csli.Stanford.EDU> <11680@s.ms.uky.edu> <8928@csli.Stanford.EDU> <12743@ihlpy.ATT.COM> <1953@ur-cc.UUCP> <2126@amelia.nas.nasa.gov> <8605@chinet.chi.il.us> Reply-To: dww@cbnewsl.ATT.COM (david.w.weatherford) Distribution: usa Organization: AT&T Bell Laboratories Lines: 108 In article <8605@chinet.chi.il.us> ignatz@chinet.chi.il.us (Dave Ihnat) writes: >>In article <12743@ihlpy.ATT.COM> bdavies@ihlpy.UUCP (55314-Davies,B.) writes: >>Really. *I* know what you all mean, but why does everyone teach the >>octal way when these mnemonic ways exist that are so nice and easy to >>understand for everyone? Don't you all believe in abstraction? > >Actually, they still have two different and useful functions. The mnemonic >method is a mask, while using the octal is a total reset. So, the mnemonic >is simpler if I just want to toggle a particular permission; I don't need >to be sure to not destroy other bits: > >Old permission Desired Permission Octal arg. Mnemonic arg. >777 774 774 o-wx,o+r > >Notice that if I didn't know the old permission--say, in a shell script-- >the mnemonic, while still a bit verbose, is still simpler than the shellish >to extract the old values, mask in only those I want to change, and then >execute the chmod. > >On the other hand, if I'm installing a program and have definite ideas >about the permissions I want to set, then the octal form is cleaner: > >Desired Permission Octal arg. Mnemonic arg. >2710 2710 u+rwx,g+xs,g-rw,o-rwx > >At this point, the octal mask is cleaner, since you still have to do the mental >dance to interpret the now rather long mnemonic string. > >Finally, I firmly believe that it's an absolute necessity for even casual >Unix users to fully understand file permissions; most security violations >on Unix can be traced to user carelessness, either due to misunderstanding or >simple lack of care when dealing with file permissions. There are some quite >decent interactive tools in the PD to allow naieve users to manipulate their >permissions without resort to either bitmasks or the rather dense mnemonics >of chmod, if this is a problem. Newsgroups: alt.sources Subject: Re: chmod args (was Re: Need a "watching" program) Summary: You can used "chmod =rw foo" as easily as "chmod 666" Expires: References: <8923@csli.Stanford.EDU> <11680@s.ms.uky.edu> <8928@csli.Stanford.EDU> <12743@ihlpy.ATT.COM> <1953@ur-cc.UUCP> <2126@amelia.nas.nasa.gov> <8605@chinet.chi.il.us> Sender: Reply-To: dww@cbnewsl.ATT.COM (david.w.weatherford) Followup-To: Distribution: usa Organization: AT&T Bell Laboratories Keywords: chmod In article <8605@chinet.chi.il.us> ignatz@chinet.chi.il.us (Dave Ihnat) writes: :>In article <12743@ihlpy.ATT.COM> bdavies@ihlpy.UUCP (55314-Davies,B.) writes: :>Really. *I* know what you all mean, but why does everyone teach the :>octal way when these mnemonic ways exist that are so nice and easy to :>understand for everyone? Don't you all believe in abstraction? : :Actually, they still have two different and useful functions. The mnemonic :method is a mask, while using the octal is a total reset. This is not so. Mnemonic mode has the "=" operator to do "total reset". : So, the mnemonic :is simpler if I just want to toggle a particular permission; I don't need :to be sure to not destroy other bits: :Old permission Desired Permission Octal arg. Mnemonic arg. :777 774 774 o-wx,o+r The above example could be expressed "o=r". Same number of characters, no danger of munging other bits. :Notice that if I didn't know the old permission--say, in a shell script-- :the mnemonic, while still a bit verbose, is still simpler than the shellish :to extract the old values, mask in only those I want to change, and then :execute the chmod. :On the other hand, if I'm installing a program and have definite ideas :about the permissions I want to set, then the octal form is cleaner: :Desired Permission Octal arg. Mnemonic arg. :2710 2710 u+rwx,g+xs,g-rw,o-rwx :At this point, the octal mask is cleaner, since you still have to do the mental :dance to interpret the now rather long mnemonic string. Use the "=" operator; in most cases it is (almost) as succinct. Such as, =rw for 666, =rwx for 777, =r for 444. If you want different permissions for each of u, g, and o, then the string can be a bit verbose, as in "u=rwx,g=rx,o=r" for 751. Even so, the mnemonic form is more, uh, well, mnemonic! The 2710 above could be expressed as "u=rwx,g=xs,o=" much more succinctly. Still not as short as the octal form, but clearer, and no mental gymnastics required. :Finally, I firmly believe that it's an absolute necessity for even casual :Unix users to fully understand file permissions; most security violations :on Unix can be traced to user carelessness, either due to misunderstanding or :simple lack of care when dealing with file permissions. No argument here. : There are some quite :decent interactive tools in the PD to allow naieve users to manipulate their :permissions without resort to either bitmasks or the rather dense mnemonics :of chmod, if this is a problem. I still think that the mnemonics are not "dense" -- I rather like them, but each to his own. Dave Weatherford AT&T Bell Laboratories attunix!dww Summit, NJ