For proper security and for the right groups or individuals to access certain files, permission has to be granted to a group or the individual user for UNIX or any other operating system to keep things secure. In order for any system to give permission to a user for access rights into a file, there has to be some kind of secure log-in to be placed on the file. Usually the file that has to be secure is set up by the owner of the data. In UNIX, the security is set up by using something called an ACL or Access Control List. The ACL gives a level of security that allows groups or individuals to access the files that you want to share with them. Classic UNIX security provides for two areas of security when it comes to file sharing. The two areas are read and write. However, if administrator wants to give certain individuals a read write security level and others just read security, the administrator will have to use the ACL because classic UNIX security does not allow this to happen.
Concerning an ACL there are several typical scenarios that make sense. The ACL will help to provide access to the file for a user that is not the owner or a member of the primary group for this file. The ACL will help to provide access to the file for a group other than the specified for this file group (owner-group). The ACL will help to exclude particular users who are a member of the owner-group from accessing the file or directory (Bezroukov, 2011).
ACL’s can also be configured so that the administrator can monitor who tries to access the files and folders. The administrator should monitor the systems for any unauthorized use of the setuid and setgid permissions to gain superuser privileges (Bezroukov, 2011). A suspicious listing would be one that grants ownership of a setuid or setgid program to a user other than bin or sys. In our world today security is highly coveted and especially of important data. The administrator can also check to see who has logged in. With the use of the command logins it will display the status of who has logged in. The administrator can disable a user’s login temporarily or even save the failed login attempts. Authentication is a way to restrict access to certain users. System administrators can restrict the ability to gain access to the system or even a network. Authorization after the user gets on the system makes restrictions to what they can do. There are two types of ACLs. The first is access ACLs and second is default ACLs. An access ACL is specifically an access control list for accessibility. A default ACL can be associated only with a directory. If a file within the directory does not have an access ACL it uses the rules of the default ACL for the directory (Bezroukov, 2012).
One thing is that permissions can be added or modified to a file that has already been made secure. The biggest problem of ACLs is their potential to