穿透表象：解构Linux文件权限与粘滞位的底层逻辑

一、权限三问：深入理解Linux权限机制的关键问题

注意：以下所说的文件包括：普通文件和目录！！！

1.1 作为一个普通用户，进入一个目录需要什么权限？

• 进入一个目录需要 x 权限，x 权限决定是否可以进入一个目录
• r 权限决定了是否可以查看目录里面的文件信息
• w 权限决定了能不能在指定目录里面新建/删除文件

我们在xshell中演示一下：

代码语言：javascript

AI代码解释

[carrot@VM-0-16-centos ~]$ ll total 4 drwxrwxr-x 2 carrot carrot 4096 Dec 24 14:06 dir1 [carrot@VM-0-16-centos ~]$ ll dir1 total 8 -rw-rw-r-- 1 carrot carrot 6 Dec 24 14:06 hello.txt -rw-rw-r-- 1 carrot carrot 10 Dec 24 14:06 test.txt

我用普通用户创建了一个dir1目录，并且在dir1目录中创建了两个文件：hello.txt和test.txt

现在我（carrot）作为该目录dir1的拥有者，对于dir1目录有rwx权限——

• 删除拥有者的 r 权限

代码语言：javascript

AI代码解释

[carrot@VM-0-16-centos ~]$ chmod u-r dir1 [carrot@VM-0-16-centos ~]$ ll total 4 d-wxrwxr-x 2 carrot carrot 4096 Dec 24 14:06 dir1 # 将拥有者的 r 权限删除之后，可以正常进入 [carrot@VM-0-16-centos ~]$ cd dir1 [carrot@VM-0-16-centos dir1]$ pwd /home/carrot/dir1

我们将拥有者的 r 权限删除之后，可以正常进入dir1目录，说明权限 r 不是决定作为一个普通用户是否可以进入目录

而是决定一个普通用户是否查看目录中的文件信息——

• 删除拥有者的 w 权限

代码语言：javascript

AI代码解释

[carrot@VM-0-16-centos ~]$ chmod u+r,u-w dir1 [carrot@VM-0-16-centos ~]$ ll total 4 dr-xrwxr-x 2 carrot carrot 4096 Dec 24 14:06 dir1 [carrot@VM-0-16-centos ~]$ cd dir1 [carrot@VM-0-16-centos dir1]$ pwd /home/carrot/dir1 [carrot@VM-0-16-centos dir1]$ ll total 8 -rw-rw-r-- 1 carrot carrot 6 Dec 24 14:06 hello.txt -rw-rw-r-- 1 carrot carrot 10 Dec 24 14:06 test.txt

我们加上carrot作为拥有者的 r 权限，并删除 w 权限，发现可以进入dir1目录，并且可以查看文件的信息，说明 w 权限不是决定作为一个普通用户是否可以进入目录

而是决定一个用户是否在dir1目录中新建文件和删除文件——

• 删除拥有者的 x 权限

代码语言：javascript

AI代码解释

[carrot@VM-0-16-centos ~]$ chmod u+w,u-x dir1 [carrot@VM-0-16-centos ~]$ ll total 4 drw-rwxr-x 2 carrot carrot 4096 Dec 24 14:06 dir1

ok，我们加上dir1目录拥有者的 w权限，删除 x权限——

此时再进入di1目录就进不去了——

这就说明 x权限决定一个用户是否可以进入目录！！！

ok，那接下来我们再来看一下：w 权限决定了能不能在指定目录里面新建/删除文件

此时我在拥有者是carrot（普通用户），所属组是carrot（普通用户）的dir1目录中，用root权限创建一个拥有者是root，所属组是root的普通文件——

此时删除root.txt文件对于other的全部权限——

我现在作为一个普通用户（carrot），对于该root.txt文件不能读、不能写、不能执行，那我直接删除这个文件——

我作为一个普通用户竟然删掉了这个由root创建的，拥有者是root，所属组是root，对于other没有rwx权限的root.txt文件，这合理吗？

ok，这是合理的，root.txt文件在dir1目录中，我对于dir1目录有w权限，我能删除dir1目录中的所有文件，虽然root.txt是root创建的，但是你是在我的目录中创建的，只要对于目录我有 w权限，我就可以删除该目录中的任何文件！！！

总结：

• 目录中的文件能否被删除，由所在的目录的 w权限决定！！！

1.2 为什么新建文件的时候，新建的文件的权限就是我们所看到权限？

也就是：为什么新建文件或者目录的时候，一新建出来就是上面我们所看见的权限？

1.2.1 普通文件

ok，我们先来看普通文件——

rw-r--r-- 就是 644，为什么是664呢？不应该是666或者777吗？

但这也不是666，而是644，这是为什么？

其实在Linux系统中，会存在一个叫做：权限掩码

我们使用：umask，就可以查看当前系统中的权限掩码——

https://www.dongchedi.com/article/7592746589790290456
https://www.dongchedi.com/article/7592746855097221656
https://www.dongchedi.com/article/7592746675454820926
https://www.dongchedi.com/article/7592748365323354648
https://www.dongchedi.com/article/7592746719646204478
https://www.dongchedi.com/article/7592747640958272062
https://www.dongchedi.com/article/7592749678932918808
https://www.dongchedi.com/article/7592746867159925273
https://www.dongchedi.com/article/7592745331981730329
https://www.dongchedi.com/article/7592745446175719961
https://www.dongchedi.com/article/7592753637567431230
https://www.dongchedi.com/article/7592749105718608446
https://www.dongchedi.com/article/7592747850602168894
https://www.dongchedi.com/article/7592751089959928344
https://www.dongchedi.com/article/7592749677783630398
https://www.dongchedi.com/article/7592748937338487358
https://www.dongchedi.com/article/7592751861838037528
https://www.dongchedi.com/article/7592748390052692542
https://www.dongchedi.com/article/7592748902508937790
https://www.dongchedi.com/article/7592752692859273753
https://www.dongchedi.com/article/7592752407277486616
https://www.dongchedi.com/article/7592751306877010494
https://www.dongchedi.com/article/7592751583336104473
https://www.dongchedi.com/article/7592753001002254873
https://www.dongchedi.com/article/7592742783815827993
https://www.dongchedi.com/article/7592746107613708825
https://www.dongchedi.com/article/7592745316932600382
https://www.dongchedi.com/article/7592742556312748569
https://www.dongchedi.com/article/7592744391702266392
https://www.dongchedi.com/article/7592744697026953752
https://www.dongchedi.com/article/7592743124330529304
https://www.dongchedi.com/article/7592746088361165337
https://www.dongchedi.com/article/7592741588309656089
https://www.dongchedi.com/article/7592744567833870873
https://www.dongchedi.com/article/7592745982770004504
https://www.dongchedi.com/article/7592739924609647166
https://www.dongchedi.com/article/7592743902273389081
https://www.dongchedi.com/article/7592744958071702040
https://www.dongchedi.com/article/7592743141112365593
https://www.dongchedi.com/article/7592743666985484824
https://www.dongchedi.com/article/7592744049409851928
https://www.dongchedi.com/article/7592744024860574270
https://www.dongchedi.com/article/7592742696129806873
https://www.dongchedi.com/article/7592743608927715865
https://www.dongchedi.com/article/7592742856737964606
https://www.dongchedi.com/article/7592691833533465112
https://www.dongchedi.com/article/7592690193359340056
https://www.dongchedi.com/article/7592693300055228990
https://www.dongchedi.com/article/7592684971291460121
https://www.dongchedi.com/article/7592679390245388825
https://www.dongchedi.com/article/7592685439086559768
https://www.dongchedi.com/article/7592678022445531673
https://www.dongchedi.com/article/7592684522227958334
https://www.dongchedi.com/article/7592724981638054424
https://www.dongchedi.com/article/7592729300793819673
https://www.dongchedi.com/article/7592685814329967166
https://www.dongchedi.com/article/7592727491421504062
https://www.dongchedi.com/article/7592728878532035134
https://www.dongchedi.com/article/7592726559455560216
https://www.dongchedi.com/article/7592728806767657496
https://www.dongchedi.com/article/7592724487658242584
https://www.dongchedi.com/article/7592723518032101912
https://www.dongchedi.com/article/7592753001002254873