module 2 day 4, final day of module 2: supplemental reading for special permissions in windows through Permissions Quiz Flashcards
what can groups or users do with Full control?
groups or users granted full control permissions on a folder can delete any files in that folder regardless of the permissions protecting the file
Although they have the same special permissions, what permissions are inherited differently?
List Folder Contents and Read&Execute
What is inherited by folders but not files?
List Folder Contents
What is inherited by both files and folder and is always present when you view file or folder permissions?
read&execute
What group does not include the Anonymous Logon group by default?
the Everyone group, so permissions applied to the Everyone group do not affect the Anonymous Logon group.
what do you need special permissions for in Linux?
Giving a normal user root access
How can we write or scramble passwords in the shadow file if it is owned by root?
a special permission bit known as setuid
what does setuid do?
enable files to be run set by the permissions of the owner of the file
how do you run the passwd command? what are you running it as?
as root
in rws, what does the s permission stand for?
setuid
what allows us to run the file with the permissions of the owner of the file?
when the S is substituted where a regular bit would be in the first three bits of permissions
how do you enable the setuid bit? what two methods are available?
symbolically or numerically
how do you enable the setuid bit in symbolic format? for mycoolfile.txt
use an s.
sudo chmod u+s mycoolfile.txt
how do you enable the setuid bit in numeric format? for filename.txt
sudo chmod 4755 filename.txt
you prepend a 4 to the other permissions for the file to enable setuid.
how can I run a file similar to setuid?
with group permissions
what does the passwd command do?
it scrambles our password and adds it to the shadow file
what does setuid do?
allows the file to be run by the permissions of the owner of the file
what is setUID?
a special permission
what is s replacing for setuid?
x
what can you use to run a file with group permissions?
SetGID
how can you see if the setGID is enabled?
run:
ls -l /usr/filename,
and you look in the bits 4-6 of the permissions
what is the numerical format for setGID? for filename.txt
2 prepended to the permissions set
sudo chmod 2755 filename.txt
what is the symbolic format for setting setGID? for filename.txt
sudo chmod g+s filename.txt
what bit sticks a file or folder down and makes it so anyone can write to a file or folder but they can’t delete anything, only the owner or root can delete anything
the sticky bit
in ls, what does the d flag do?
shows information for just the directory and not the contents
what does the special permission symbol t mean in a file’s permissions, like in the /tmp file?
anyone can add and modify files
who can delete the /tmp directory?
only root or the owner
what formats can i use to enable the sticky bit?
numerical or symbolic
what is the numerical bit for sticky bit?
1
what does the command
sudo chmod +t file.txt
do?
add the sticky bit
what does
sudo chmod 1755 filename.txt
do?
add the sticky bit numerically
what are core concepts in security?
user access, group access, passwords, and permissions
access control lists
ACL
a user that has complete control over a machin
Administrator
a way of protecting your accounts and information such as facial recognition and fingerprint
biometric data
a tool that lets you manage a local or remote computer
computer management
discretionary Access control list
DACL
a process for setting permissions for who has access to certain files
File permissions
a user or group can do anything they want to files.
full control
a permission group that mean that a DACL will be inherited, but not applied to a container
Inherit Only
a command that will execute and list folder contents and is an alias for Read and Execute
List folder contents
a system used to apply and enforce rules about how the device has to be configured and used
Mobile device management
an umbrella permissions that includes read and execute and write
modify
the initial account you made during setup
primary account
permissions that grant you access to read the file that exists and execute it if it’s runnable
Read and execute permissions
permissions that grant you access to read the file that exists
Read permissions
It is the first user. It gets automatically created when we install a Linux OS and has all the privileges on the OS. Also called the super user. Technically only one, but anyone that is granted access to their powers can be called a super user too
Root user
system access control list
SACLs
one of these is actually made up of multiple Special or specific permissions
Simple permissions
an account that grants you access to multiple accounts without requiring constant entry of a password or username
single sing on, SSO
a user who is given access to the machine but has restricted access to do things like install software or change certain settngs
standard user
a network of computers and users that are added to a central database
windows domain
a permissions that allows you to make changes to a file
write permission
