My goal is to prevent modify/read
permission of other users except the owner. On ubuntu forums as solutions both approach is given.
sudo useradd -d /home/newuser -m newuser chmod 700 /home/newuser # or # chmod go-rwx /home/newuser
[Q] Is there any difference between chmod go-rwx
and chmod 700
or both accomplish the same thing? If there is a difference which one is recommended?
-rw-r--r-- (644) -- Only user has read and write permissions; the group and others can read only. -rwx------ (700) -- Only the user has read, write and execute permissions. -rwxr-xr-x (755) -- The user has read, write and execute permissions; the group and others can only read and execute.
Therefore, 750 means the current user can read, write, and execute, the group cannot write, and others cannot read, write, or execute. 744 , which is a typical default permission, allows read, write, and execute permissions for the owner, and read permissions for the group and “world” users.
chmod 700 fileProtects a file against any access from other users, while the issuing user still has full access.
go-rwx
removes read, write, execute permissions from the group and other users. It will not change permissions for the user that owns the file.
Therefore e.g. a file with 644 (rw-r--r--
) permissions will have 600 (rw------
) after the command.
chmod 700
on the other hand will always change the permissions to 700 (rwx------
), no matter the previous permissions.
So it depends on what you want to accomplish.
Notes:
-R
to change entire directories, this makes go-rwx
more useful, as the executable flag is usually only wanted on folders (so they can be entered) and program files that need to be executed.
Using 700
would add the executable flag to all files that don't have it yet, which is usually not what you'd want to do.chmod 700
would actually look like in the other notation is chmod u+rwx,go-rwx
or chmod u=rwx,go=
(grants all permissions to user that owns file, removes all permissions of group and other)ugo±rwx
syntax scheme.There could be a difference:chmod 700
lets the owner read , write and execute, and gives no permissions for Group and Other.
chmod go-rwx
removes read/write/execute permissions from group and others, but preserves whatever permissions the owner had.
So, for example, if the owner didn't have execute permission on the file, to begin with, and only had read and write, the result could be different. With chmod 700
, the owner would also get execute permission, which he would not with chmod go-rwx
.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With