Lab Exercise 1

Due: April 19, 2021 (note change of date)
Points: 100

This laboratory exercise is designed to teach you about Linux file permissions.

You are to write a program called “access” that will say what rights a user or group has over a file or directory.

Command

The command for your program is the following: 

access[ -g ] name  file1
In this command, name is either a name or a non-negative integer. If the -g flag is given, name is interpreted as a group name or GID, and if that flag is not given, it is interpreted as a user name or UID. It is an error to give a non-existent user or group name, but it is not an error to give a UID or GID without an associated name.

Example Output

In these examples, “files” is a file and “dirt” is a directory. Assume “filex” has owner bishop, group owner users, and protection mode 0654, and the directory “dirx” has the same owner and group and the protection mode 0751. Then the command 

access bishop filex
prints 
The user bishop (UID 7000403) can read and write the file filex
The command 
access sushi filex
prints 
The user sshd (UID 74) can read the file filex
and the command 
access 10 filex
prints 
The user with UID 10 can read the file filex
but the command 
access -g 10 filex
prints 
Members of the group users (GID 10) can read and execute the file filex
The difference is that, without the -g option, the 10 is interpreted as a UID, and there is no associated name. But with that option, the 10 is interpreted as a GID, and that has the associated name “users”.

If any of the named files are directories, you are to print “list the contents of”, “modify”, or “search” rather than “read”, “write”, and “execute”, respectively. So, the command 

access bishop dirx
prints 
The user bishop (UID 7000403) can list the contents of, modify, and search the directory dirx
(all on the same line), the command 
access -g users dirx
prints 
Members of the group users (GID 10) can list the contents of and search the directory dirx
and the command 
access -g cosmos dirx
prints 
Members of the group cosmos (GID 900) can search the directory dirx

Checking Your Output

A reference version of this program is available in the directory ~bishop/ecs153 on the CSIF; it is the executable file “access”. Your output, and especially your error output, is to match that of this program.

Submitting Your Program

Instructions will follow.

UC Davis sigil
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 153, Computer Security
Version of April 6, 2021 at 1:13AM

 You can also obtain a PDF version of this.

Valid HTML 4.01 Transitional Built with BBEdit Built on a Macintosh