
Why 99% of Linux Server Hacks Come from Permission Misconfigurations – A Complete Guide

This comprehensive article explains Linux's permission system, covering basic concepts, numeric and symbolic representations, special bits like SUID/SGID and sticky bits, ACLs, common pitfalls, and best‑practice security measures for system administrators.

Ops Community

Linux Server Hacked? 99% of Cases Are Due to Permission Misconfigurations!

1. Overview of Linux Permission System

Linux, as a multi‑user operating system, relies on its permission system to ensure system security and data integrity. Permissions control access to files and directories, allowing only authorized users to perform operations.

1.1 Importance of the Permission System

Security: Prevent unauthorized users from accessing sensitive files.

Data Integrity: Avoid accidental deletion or modification of important files.

System Stability: Protect critical system files from being damaged by regular users.

Multi‑User Collaboration: Enable file sharing and isolation among different users.

1.2 Basic Permission Model

The Linux permission system is based on three basic concepts:

User (u): The file's owner.

Group (g): Members of the file's owning group.

Others (o): All other users.

2. File Permission Details

2.1 Basic Permission Types

Read Permission (r)

Numeric value: 4

Files: Can view file contents.

Directories: Can list file names.

Write Permission (w)

Numeric value: 2

Files: Can modify file contents.

Directories: Can create, delete, rename files.

Execute Permission (x)

Numeric value: 1

Files: Can execute the file (if executable).

Directories: Can enter the directory.

2.2 Permission Representation

Symbolic Notation

-rwxr-xr-x 1 user group 1024 Jan 15 10:30 filename

Interpretation:

1st character: file type (- for regular file, d for directory, l for link, etc.).

2nd‑4th characters: owner permissions (rwx).

5th‑7th characters: group permissions (r-x).

8th‑10th characters: others permissions (r-x).

Numeric (Octal) Notation

Read = 4

Write = 2

Execute = 1

Common combinations:

755 → rwxr-xr-x (owner full, group and others read & execute).

644 → rw-r--r-- (owner read/write, group/others read only).

600 → rw------- (owner only).

777 → rwxrwxrwx (insecure, avoid).

2.3 File Type Indicators

- : Regular file

d : Directory

l : Symbolic link

b : Block device

c : Character device

p : Pipe

s : Socket

3. Directory Permission Specifics

3.1 Meaning of Directory Permissions

Read (r)

Allows listing directory contents.

Can use ls to view file names.

Without execute permission, cannot view detailed file information (size, owner, mode).

Write (w)

Allows creating, deleting, renaming files within the directory.

Requires execute permission to take effect.

Even without write permission on a file, it can be deleted if the directory is writable.

Execute (x)

Allows entering the directory.

Can use cd to change into it.

Allows accessing detailed information of files inside.

3.2 Common Directory Permission Combinations

r-x : Can enter and list files.

-wx : Can enter and create/delete files but cannot list existing files.

--x : Can only enter, cannot list files.

r-- : Can list file names but cannot enter the directory.

4. Permission Management Commands

4.1 Viewing Permissions

ls command

# Show permissions of current directory
ls -l
# Show permissions of a specific file
ls -l filename
# Show directory permissions
ls -ld dirname
# Show hidden files
ls -la

stat command

# Detailed file information
stat filename
# Show only permission bits
stat -c '%A %n' filename

4.2 Modifying Permissions

chmod

Symbolic mode:

# Add execute permission for owner
chmod u+x filename
# Remove write permission from group
chmod g-w filename
# Set read‑only for others
chmod o=r filename
# Add read permission for all
chmod a+r filename
# Combined operation
chmod u+x,g-w,o=r filename

Numeric mode:

# Set permission to 755
chmod 755 filename
# Set permission to 644
chmod 644 filename
# Recursively change directory permissions
chmod -R 755 dirname

Permission Symbol Explanation

u – user (owner)

g – group

o – others

a – all

+ – add permission

- – remove permission

= – set exact permission

4.3 Changing Owner and Group

chown

# Change file owner
chown username filename
# Change owner and group
chown username:groupname filename
# Change only group
chown :groupname filename
# Recursive change
chown -R username:groupname dirname

chgrp

# Change file group
chgrp groupname filename
# Recursive change
chgrp -R groupname dirname

5. Special Permissions

5.1 SUID (Set User ID)

Numeric value: 4. Symbol: s in the owner's execute position. When a SUID file is executed, it runs with the file owner's privileges.

# Set SUID
chmod u+s filename
chmod 4755 filename
# Verify SUID file
ls -l /usr/bin/passwd
-rwsr-xr-x 1 root root ... /usr/bin/passwd

Security note: SUID files pose a risk; use only when necessary and audit regularly.

5.2 SGID (Set Group ID)

Numeric value: 2. Symbol: s in the group execute position. When executed, the file runs with the file's group privileges. For directories, new files inherit the directory's group.

# Set SGID on a directory
chmod g+s dirname
chmod 2755 dirname
# Verify
ls -ld dirname
drwxr-sr-x 2 user group ... dirname

5.3 Sticky Bit

Numeric value: 1. Symbol: t in the others execute position. Only the file owner (or root) can delete or rename files within the directory.

# Set sticky bit on /tmp
chmod +t /tmp
# Numeric form: sticky bit plus rwx for everyone, the standard mode for /tmp
chmod 1777 /tmp

6. Default Permissions and umask

6.1 umask Concept

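umask defines the default permission mask for newly created files and directories. Maximum file permission is 666, maximum directory permission is 777. Actual permission = maximum with the umask bits cleared (maximum AND NOT umask); for the common values below this gives the same result as maximum – umask.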

6.2 Using umask

# Show current umask
umask
# Symbolic display
umask -S
# Set umask to 022
umask 022
# Temporary change
umask 077

6.3 Common umask Values

022 → files 644, directories 755 (default, others can read).

077 → files 600, directories 700 (private).

002 → files 664, directories 775 (group writable).
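
An added example (not from the original article) that checks the umask rule against what touch and mkdir actually create, including umask 033, where plain subtraction would give the wrong file mode. The function names predicted_mode and observed_modes are hypothetical; GNU stat is assumed.

```shell
#!/bin/sh
# Added example: modes that new files and directories get under a umask.

# predicted_mode MAX UMASK -> MAX with the umask bits cleared (MAX AND NOT UMASK)
predicted_mode() {
    printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# observed_modes UMASK -> "FILEMODE DIRMODE" as really created by touch and mkdir
observed_modes() {
    (
        # Subshell: the umask change does not leak into the caller
        d=$(mktemp -d) || exit 1
        umask "$1"
        touch "$d/file"
        mkdir "$d/dir"
        m="$(stat -c '%a' "$d/file") $(stat -c '%a' "$d/dir")"
        rm -rf "$d"
        echo "$m"
    )
}

# 033 is the interesting case: 666 - 033 would be 633, but the real result
# is 644, because a mask bit that is already clear cannot be cleared again.
for mask in 022 077 002 033; do
    echo "umask $mask: predicted $(predicted_mode 666 "$mask") $(predicted_mode 777 "$mask"), observed $(observed_modes "$mask")"
done
```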

7. Access Control Lists (ACL)

ACLs provide finer‑grained control than traditional permissions, allowing specific users or groups to have custom rights.

getfacl command

# View file ACL
getfacl filename
# View directory ACL
getfacl dirname

setfacl command

# Grant rwx to a user
setfacl -m u:alice:rwx filename
# Grant rw to a group
setfacl -m g:dev:rw filename
# Set default ACL on a directory
setfacl -d -m u:bob:rwx dirname
# Remove ACL entry
setfacl -x u:alice filename
# Remove all ACLs
setfacl -b filename

ACL Example

# Create test file
touch test.txt
# Set ACLs
setfacl -m u:alice:rw test.txt
setfacl -m u:bob:r test.txt
# View ACL
getfacl test.txt
# Output shows user::rw-, user:alice:rw-, user:bob:r--, …

8. Permission Troubleshooting

8.1 Common Permission Issues

Cannot access file

# Check file permissions
ls -l filename
# Check directory permissions
ls -ld dirname
# Check full path permissions
namei -l /path/to/file

Cannot execute script

# Add execute permission
chmod +x script.sh
# Verify file type
file script.sh

8.2 Diagnostic Tools

Using find to locate problems

# Find SUID files
find / -perm -4000 -type f 2>/dev/null
# Find world‑writable files
find /home -perm -002 -type f 2>/dev/null
# Find files without owner or group
find / -nouser -o -nogroup 2>/dev/null

Permission repair script

#!/bin/bash
# Fix common permission issues
chmod 755 /home/username
chmod 700 /home/username/.ssh
chmod 600 /home/username/.ssh/authorized_keys
find /var/www -type d -exec chmod 755 {} \;
find /var/www -type f -exec chmod 644 {} \;

9. Security Best Practices

9.1 Permission Principles

Least privilege: Grant only the permissions required for a task.

Regular review: Periodically audit and adjust permissions.

Avoid using 777 permissions.

Permission separation: Keep system files separate from user data; isolate applications.

Sensitive files should have dedicated restrictive permissions.

9.2 Permission Auditing

Regular checks

# Check SUID/SGID files (parentheses make -type f apply to both -perm tests)
find / -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null
# Check world‑writable files
find / -perm -002 -type f 2>/dev/null
# Check orphaned files
find / -nouser -o -nogroup 2>/dev/null
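
An added example (not from the original article) that combines the find checks from sections 8.2 and 9.2 into one audit function and runs it against a constructed sample tree. The names audit_tree and make_sample_tree are hypothetical; GNU find and stat are assumed.

```shell
#!/bin/sh
# Added example: audit one directory tree for risky permission bits.

# audit_tree DIR -> one "KIND MODE PATH" line per finding, sorted.
# -xdev keeps each scan on the filesystem DIR lives on.
audit_tree() {
    root=$1
    {
        # SUID/SGID regular files. The parentheses matter: without them
        # -type f would bind only to the second -perm test.
        find "$root" -xdev -type f \( -perm -4000 -o -perm -2000 \) \
            -exec stat -c 'setid %a %n' {} +
        # Regular files that any user can modify
        find "$root" -xdev -type f -perm -0002 \
            -exec stat -c 'world-writable-file %a %n' {} +
        # World-writable directories without the sticky bit: any user can
        # delete or rename other users' files there
        find "$root" -xdev -type d -perm -0002 ! -perm -1000 \
            -exec stat -c 'world-writable-dir %a %n' {} +
        # Files whose owner or group no longer exists
        find "$root" -xdev \( -nouser -o -nogroup \) \
            -exec stat -c 'orphaned %a %n' {} +
    } 2>/dev/null | sort
}

# make_sample_tree -> prints the path of a constructed tree with known findings
make_sample_tree() {
    t=$(mktemp -d) || return 1
    touch "$t/ok.txt" "$t/helper" "$t/shared.conf"
    mkdir "$t/drop" "$t/scratch"
    chmod 644 "$t/ok.txt"        # normal file: not reported
    chmod 4755 "$t/helper"       # SUID: reported
    chmod 666 "$t/shared.conf"   # world-writable file: reported
    chmod 777 "$t/drop"          # world-writable, no sticky bit: reported
    chmod 1777 "$t/scratch"      # sticky bit set, like /tmp: not reported
    echo "$t"
}

tree=$(make_sample_tree)
audit_tree "$tree"
rm -rf "$tree"
```

Saving the sorted output of each run and diffing it against the previous one turns the audit into a simple change detector for new SUID files or loosened modes.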

Monitoring

# Use auditd to monitor changes
auditctl -w /etc/passwd -p wa -k passwd_changes
auditctl -w /etc/shadow -p wa -k shadow_changes

9.3 Permission Management Policies

User Management

Create separate accounts for each user.

Prefer sudo over direct root login.

Regularly clean inactive accounts.

Group Management

Design logical group structures.

Use group permissions to simplify access control.

Avoid users belonging to too many groups.

10. Advanced Permission Management

10.1 SELinux Integration

SELinux provides mandatory access control (MAC) for additional security.

# Check SELinux status
sestatus
# View file SELinux context
ls -Z filename
# Set SELinux context
chcon -t httpd_exec_t /var/www/cgi-bin/script.cgi

10.2 sudo Permission Management

sudoers configuration

# Edit sudoers safely
visudo
# Example entries
username ALL=(ALL:ALL) ALL
%wheel ALL=(ALL:ALL) ALL
# Passwordless sudo for one binary; note this entry allows every systemctl subcommand
username ALL=(ALL) NOPASSWD: /usr/bin/systemctl

sudo usage tips

# Run as another user
sudo -u otheruser command
# Preserve environment variables
sudo -E command
# Open a root shell
sudo -i

10.3 Filesystem Mount Options

Secure mount options can further restrict behavior.

# /etc/fstab example
/dev/sda1 /tmp ext4 defaults,nodev,nosuid,noexec 0 2
/dev/sda2 /home ext4 defaults,nodev,nosuid 0 2

nodev: Disallow device files.

nosuid: Ignore SUID/SGID bits.

noexec: Prevent execution of binaries.

11. Real‑World Cases

11.1 Web Server Permission Setup

# Create web user and group
groupadd webgroup
useradd -g webgroup webuser
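# Set website directory permissions: directories 755, files 644
# (a recursive chmod 755 would also mark every file executable)
chown -R webuser:webgroup /var/www/html
find /var/www/html -type d -exec chmod 755 {} \;
find /var/www/html -type f -exec chmod 644 {} \;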
# Restrict config directory
chmod 750 /var/www/html/config
chmod 600 /var/www/html/config/database.conf

11.2 Database Permission Configuration

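# Secure MySQL data directory
chown -R mysql:mysql /var/lib/mysql
# Directories need the execute bit to be entered; a plain chmod 600 on
# /var/lib/mysql/* would strip it from the per-database subdirectories
find /var/lib/mysql -type d -exec chmod 700 {} \;
find /var/lib/mysql -type f -exec chmod 600 {} \;
# Backup directory (-p also creates /backup if it does not exist)
mkdir -p /backup/mysql
chown mysql:mysql /backup/mysql
chmod 700 /backup/mysql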

11.3 Log File Permissions

# System logs
chmod 755 /var/log
chmod 644 /var/log/messages
chmod 640 /var/log/secure
# Application logs
mkdir /var/log/myapp
chown appuser:appgroup /var/log/myapp
chmod 750 /var/log/myapp

13. Summary

Linux file and directory permissions form the foundation of system security. By mastering the concepts, commands, special bits, ACLs, and best‑practice policies, you can effectively protect systems, diagnose issues, and implement robust security controls.

Learning Suggestions

Hands‑on practice: Apply commands on a test system.

Regular audits: Establish a permission review routine.

Stay updated: Follow emerging security threats and patches.

Document changes: Record why permissions were altered.

Team standards: Define shared permission management guidelines.

Mastering Linux permissions is essential for any sysadmin and a key step toward becoming a proficient operations engineer.
