Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What is the difference between `chmod go-rwx` and `chmod 700`

My goal is to prevent modify/read permission of other users except the owner. On ubuntu forums as solutions both approach is given.

sudo useradd -d /home/newuser -m newuser
chmod 700 /home/newuser # or # chmod go-rwx /home/newuser

[Q] Is there any difference between chmod go-rwx and chmod 700 or both accomplish the same thing? If there is a difference which one is recommended?

like image 657
alper Avatar asked Jun 07 '18 07:06

alper


People also ask

What are the differences between 644 and 700 after we run the chmod command?

-rw-r--r-- (644) -- Only user has read and write permissions; the group and others can read only. -rwx------ (700) -- Only the user has read, write and execute permissions. -rwxr-xr-x (755) -- The user has read, write and execute permissions; the group and others can only read and execute.

What does chmod 750 do?

Therefore, 750 means the current user can read, write, and execute, the group cannot write, and others cannot read, write, or execute. 744 , which is a typical default permission, allows read, write, and execute permissions for the owner, and read permissions for the group and “world” users.

What does chmod 700 mean?

chmod 700 fileProtects a file against any access from other users, while the issuing user still has full access.


2 Answers

go-rwx removes read, write, execute permissions from the group and other users. It will not change permissions for the user that owns the file.

Therefore e.g. a file with 644 (rw-r--r--) permissions will have 600 (rw------) after the command.

chmod 700 on the other hand will always change the permissions to 700 (rwx------), no matter the previous permissions.

So it depends on what you want to accomplish.

Notes:

  • Especially when using -R to change entire directories, this makes go-rwx more useful, as the executable flag is usually only wanted on folders (so they can be entered) and program files that need to be executed. Using 700 would add the executable flag to all files that don't have it yet, which is usually not what you'd want to do.
  • What the general effect of chmod 700 would actually look like in the other notation is chmod u+rwx,go-rwx or chmod u=rwx,go= (grants all permissions to user that owns file, removes all permissions of group and other)
  • Not all versions of chmod support the ugo±rwx syntax scheme.
like image 125
Jay Avatar answered Nov 23 '22 00:11

Jay


There could be a difference:
chmod 700 lets the owner read , write and execute, and gives no permissions for Group and Other.

chmod go-rwx removes read/write/execute permissions from group and others, but preserves whatever permissions the owner had.

So, for example, if the owner didn't have execute permission on the file, to begin with, and only had read and write, the result could be different. With chmod 700, the owner would also get execute permission, which he would not with chmod go-rwx.

like image 30
Gonen I Avatar answered Nov 23 '22 02:11

Gonen I