Setfacl

Using xattrs or Extended Attributes on Linux

Linux supports extended attributes (xattr) on most file systems. Learn how they work and allow security features like access control lists and more.

Summary

An introduction into extended attributes (xattrs) on Linux

Plus sign in ls output

When file access control lists, or ACLs are being used, the output of ls will change. Learn about the additional plus sign in its output.

Summary

Ever wondered what the plus (+) sign is when showing a directory listing? It is part of a POSIX standard to support access control lists (ACL) on files. Normal files on a file system will have only 10 characters displayed, with the last 9 used for file permissions. However, when file access control lists are used, an 11th character shows up. This plus sign indicates the usage of a file ACL.

Using File ACLs on Linux for Additional Security

Access control lists (file ACLs) can increase security due to its granular structure. In this article we have a look at file ACLs and the use of getfacl

Summary

File ACLs can increase security due to the more granular permission structure. Still the use of ACLs is often not known to system administrators, resulting in directories and files having inappropriate file permissions. When to use (example) A directory could be configured with very tight permissions, including a proper owner and group. Normally the “Other” (everyone) group would have to be used to open up the file for people outside the owner group.