File System

Linux History: How Dot Files Became Hidden Files

Ever wondered why there are files on your Linux system, starting with a dot? The short answer: they are shortcuts. Here is the full story and thoughts behind it.

Summary of Linux History: How Dot Files Became Hidden Files

The history of hidden files Ever wondered why there are files on your Linux system, starting with a dot? The short answer: they are shortcuts. The story begins many years ago when the first file systems were created on UNIX. To allow easy navigation, a single file with a dot (.) was added to each directory. Secondly, a double dot file (..) was added to easily move up in the directory structure.

Read the full article…

Linux system hardening: adding hidepid to /proc mount point

The pseudo-filesystem /proc contains a lot of useful information for the system administrator. With the hidepid option we can restrict what users can see.

Summary of Linux system hardening: adding hidepid to /proc mount point

When looking in /proc you will discover a lot of files and directories. Many of them are just numbers, which represent the information about a particular process ID (PID). By default, Linux systems are deployed to allow all local users to see this all information. This includes process information from other users. This could include sensitive details that you may not want to share with other users. By applying some file system configuration tweaks, we can change this behavior and improve the security of the system.

Read the full article…

Plus sign in ls output

When file access control lists, or ACLs are being used, the output of ls will change. An additional character shows up (plus sign) to indicate the usage of these access control lists.

Summary of Plus sign in ls output

Ever wondered what the plus (+) sign is when showing a directory listing? It is part of a POSIX standard to support access control lists (ACL) on files. Normal files on a file system will have only 10 characters displayed, with the last 9 used for file permissions. However, when file access control lists are used, an 11th character shows up. This plus sign indicates the usage of a file ACL.

Read the full article…

Using xattrs or Extended Attributes on Linux

Linux supports extended attributes (xattr) on most file systems. Learn how they work and allow security features like access control lists and more.

Summary of Using xattrs or Extended Attributes on Linux

What are extended attributes? Extended attributes or xattrs, are an extensible mechanism to store metadata on a filesystem. Metadata is a collection of information or data points about a particular object. If we would compare this article, the metadata contains the title, author, description, language, Twitter image, etc. Normally the file system can only store a limited set of information about files. Typically this is the filename, ownership, file permissions, and dates.

Read the full article…