- Kali Linux Tutorial
- Kali Linux - Home
- Installation & Configuration
- Information Gathering Tools
- Vulnerability Analyses Tools
- Kali Linux - Wireless Attacks
- Website Penetration Testing
- Kali Linux - Exploitation Tools
- Kali Linux - Forensics Tools
- Kali Linux - Social Engineering
- Kali Linux - Stressing Tools
- Kali Linux - Sniffing & Spoofing
- Kali Linux - Password Cracking Tools
- Kali Linux - Maintaining Access
- Kali Linux - Reverse Engineering
- Kali Linux - Reporting Tools
- Kali Linux Useful Resources
- Kali Linux - Quick Guide
- Kali Linux - Useful Resources
- Kali Linux - Discussion
Implement shell file protection in Linux
Overview
This article will show you how to protect your files from unauthorized access using the Linux file system permissions, and how to use chmod command to set permissions for a specific user or group of users.
Besides the Linux file permission mechanisms that help us keep our files safe from misuses, most Linux shells have built-in safeguards against accidental file overwrite. We’ll cover some of them here.
Protecting Files With noclobber
All POSIX shell implementations support the noclobber option. If you're using a shell script, meaning the shell will complain if you try to overwrite an existing directory.
By default, because of tradition, the noclobber option is disabled by default. To turn it on for bash or ksh, run the following command −
set -o noclobber
To use csh or tcsh when running scripts, we’ll first need to set an environment variable called “csh
set noclobber
If we set the noclobber option, then when we attempt to overwrite a file, Bash will complain: "File exists."
set -o noclobber touch temp.txt # Create temp.txt file echo "Hello" > temp.txt # Try to overwrite file contents -bash: temp.txt: cannot overwrite existing file
Using cshell (or tcsh), the error message is slightly more cryptic −
set noclobber touch temp.txt # Create temp.txt file echo "Hello" > temp.txt # Try to overwrite file contents temp.txt: File exists
We should note that we're not protecting against file overwriting by redirections. If you remove the file using the command line tool rm, redirect its output to another file using the shell operator “>>”, or write to the file from within an application, then everything will be fine.
Overriding Protections
We can either disable the noclobbers restriction by returning to the default behaviour by disabling the shell options or temporarily overriding them. For example, if we want to disable the noclobbing restriction for the current session, we could run the following command −
set +o noclobber
"In tcsh/csh," this means −
unset noclobber
To temporarily override the noclobber behavior, our shell processes provide special redirection operators: “>!” and “>|” respectively. Let’s show our original example using bash −
set -o noclobber touch temp.txt # Create temp.txt file echo "Hello" > temp.txt # Try to overwrite file contents -bash: temp.txt: cannot overwrite existing file echo "Hello" >| temp.txt # Overwrite file contents using override operator
When using tcsh, we’ll just replace “>|” with “>!” −
set noclobber touch temp.txt # Create temp.txt file echo "Hello" > temp.txt # Try to overwrite file contents temp.txt: File exists echo "Hello" >! temp.txt # Overwrite file contents using override operator
Example: Truncating a Logfile
An example where we might want to use this feature would be when truncating a log file. Therefore, logs tend to be left open by services that keep them. Because of this, we're often unable to remove them as the operating systems keeps track of open file handle. To truncate the logs, we redirect /dev/* to the files −
/dev/null >| my_logfile.log
This solution has an additional benefit: It doesn't update the modified date when the contents stay the same. So if you run the redirect in cron and the content stays empty, the modified date will show the last change made by the script.
If you want to use the command-lne redirection method but don't want to use the -s flag, another option is to use truncate. The next example will have the same result as the previous one, which will resize the file to zero.
truncate -s 0 my_logfile.log
The truncate (truncate) function has another advantage, as it lets us resized our log files to any size. The next example will shrink our log files to 50 MB −
truncate -s 50M my_logfile.log
Conclusion
Here, we discuss the noclobber command and how we can implement shell file protection. We also cover the use of truncates as an optional tool for file resizing.
- Related Articles
- File Protection
- File Sharing and Protection
- Auto Logout in Linux Shell Using TMOUT Shell Variable
- Changing the Default Shell in Linux
- C++ Program to Implement Shell Sort
- Python Program to Implement Shell Sort
- Delete expoted environment Variable in Linux shell
- 5 Shell Scripts for Linux Newbies to Learn Shell Programming
- Linux Commands Using Secure Shell (ssh)
- How to change the shell working directory in Linux?
- Convert Hex to ASCII Characters in the Linux Shell
- An Insight of Linux Variables in Shell Scripting Language
- How to execute a Python file in Python shell?
- Advanced File Permissions in Linux
- File globbing in Linux in C++
