File Ownership: Web Server Secrets, Part 2

Let’s start with perhaps the trickiest concept of all – file ownership.

I’m sure you’re too young to recall this, but back in the mid 20th century, there was something known as a typewriter. A typewriter typically had one owner – that is, any specific typewriter was only used by one person.

In the same way, your laptop or desktop computer is probably a single-user machine. You don’t need to worry about working around or interfering with somebody else’s files. You might worry about people snooping, but that’s a different issue. Generally speaking, each person has his or her own personal computer.

Departmental Computing

There was, of course, a gap between everyone (or everyone’s secretary) having a typewriter, and everyone having their own personal computer. We had computers, but they were shared. On a small to medium scale, we had departmental computers. Each person had their own account. Same computer, different accounts, just like your local bank. That’s how we kept things separate.

That’s when Unix came to be. Unix evolved on medium-sized computers, in universities and research laboratories. Same computer, different accounts. Therefore, the idea of ownership became extremely important. Every file, every transaction is owned by somebody, and who that somebody is makes a difference as to how that transaction is handled. Later, when Linux came along, it took on precisely the same concepts of file ownership.

Again, think about how things happen at your local bank. Every dollar, every coin – and most certainly every ball point pen – is owned by somebody, and in every case it’s completely clear who that somebody is. You have an account number; other people have an account number, and those numbers do not get mixed up. Keeping those account ownerships separate is a fundamental part of the system.

In the same way, different bank employees can do different things. At my bank, the lady at the information desk can handle non-cash transactions such as depositing my Google payout check. But only the teller can handle a wire transfer.

Unix and Linux are built around that same kind of environment. Even if you have a Linux machine all to yourself, you still have to deal with the same concepts of file ownership. Perhaps you have a dedicated server; you are the only one on the whole server. But, the concept remains. You need to deal with file ownership.

Do you recall I mentioned that Unix and therefore Linux are based on departmental computing? I can think of no reason whatsoever for you to care about that fact. Even so, that fact does make a difference to you!

The files on my Linux account are owned by me. That makes sense, right? The same concept applies to your server. When you upload your files, you specify your ftp user name. Your uploaded files are owned by that ftp user name. That is, your files are owned by you. When you deposit money into your own account at the bank, the money is owned by you.

So, on Linux, there are a number of different user accounts. Each account has its own files – and thus different files are owned by different users.

Group Ownership

However, on Linux, a user is also part of a group. Back in the late 20th century, different departments wanted to keep their stuff away from the other departments, but share things among themselves. For example, consider the following file list:

drwxr-xr-x 4 genealogist users 4096 Mar 30 19:24 .
drwx------ 5 genealogist users 4096 Mar 30 19:20 ..
drwx--x--x 2 genealogist users 4096 Mar 30 19:23 cgi-bin
-rw-r--r-- 1 genealogist users    8 Mar 30 19:21 .htaccess
-rw-r--r-- 1 genealogist users  747 Mar 30 19:21 index.html
-rw-r--r-- 1 genealogist users   32 Mar 30 19:23 main.html
drwxrwxrwx 2 genealogist users 4096 Mar 30 19:24 members

The files are owned by user genealogist, but the files are also part of group users. In Linux there are three levels of access: user, group, and others. In the above example, the file owner may update index.html (genealogist has read and write permission), and everyone else (both members of the same group, and others) has read permission.
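
The listing above, decoded in code. This is an added example, not part of the original article: it splits each line into owner, group and the three permission triplets (user, group, others) and reports which triplet applies to a given account. The account names alice and nobody and all function names are hypothetical.

```python
# Constructed sample: the listing from the article, embedded so this runs offline.
LISTING = """\
drwxr-xr-x 4 genealogist users 4096 Mar 30 19:24 .
drwx------ 5 genealogist users 4096 Mar 30 19:20 ..
drwx--x--x 2 genealogist users 4096 Mar 30 19:23 cgi-bin
-rw-r--r-- 1 genealogist users    8 Mar 30 19:21 .htaccess
-rw-r--r-- 1 genealogist users  747 Mar 30 19:21 index.html
-rw-r--r-- 1 genealogist users   32 Mar 30 19:23 main.html
drwxrwxrwx 2 genealogist users 4096 Mar 30 19:24 members
"""

def parse_line(line):
    """Split one `ls -l` line into owner, group and the three permission triplets."""
    mode, _links, owner, group, _size, _mon, _day, _time, name = line.split(None, 8)
    # mode[0] is the file type (d = directory, - = regular file);
    # the next nine characters are rwx for user, group, others.
    return {"name": name, "is_dir": mode[0] == "d", "owner": owner, "group": group,
            "user": mode[1:4], "grp": mode[4:7], "others": mode[7:10]}

def parse_listing(text):
    return [parse_line(l) for l in text.splitlines() if l.strip()]

def access_for(entry, account, groups):
    """Return the triplet that applies: owner first, then group, otherwise others."""
    if account == entry["owner"]:
        return entry["user"]
    if entry["group"] in groups:
        return entry["grp"]
    return entry["others"]

def writable_by_others(entries):
    """Names of entries that any account on the machine may write to."""
    return [e["name"] for e in entries if "w" in e["others"]]

if __name__ == "__main__":
    entries = parse_listing(LISTING)
    print(f"{'name':<12}{'owner':<13}{'group':<7}{'owner':<7}{'alice':<7}nobody")
    for e in entries:
        cols = [access_for(e, "genealogist", ["users"]),  # the file owner
                access_for(e, "alice", ["users"]),        # hypothetical member of group users
                access_for(e, "nobody", [])]              # hypothetical account outside the group
        print(f"{e['name']:<12}{e['owner']:<13}{e['group']:<7}" + "".join(f"{c:<7}" for c in cols))
    print("writable by others:", writable_by_others(entries))
```

Only one triplet ever applies to an account: the owner is checked first, then group membership, and everyone else falls through to others.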

In File Permissions: Web Server Secrets, Part 3, you’ll begin to realize why this is important!