File Protection in Operating System:


Definition and Explanation:

When designing file systems, an important consideration is how to protect sharable files. Sometimes this is avoided by not permitting sharing of files. So the protection is quite easy to implement or make all files public and provide complete sharing. However, it is not acceptable to the users. Users want to share some files. There are some files that should be accessible to only a group of users. The solution is to allow limited sharing. It means that users can share but to a limited extent only.


Protection is achieved by limiting the type of file access that can be made. Access is permitted or denied depending upon several factors. One is the type of access requested. Several operations on files can be controlled. Some of these are:

  • Read - read information contained in the file.
  • Write - write new information into the file at any point or overwrite existing information in the file.
  • Execute - load contents of a file in main memory and create a process to execute it.
  • Append - append information at the end of a file.
  • Delete - delete a file and release its storage space for use in other files.
  • List - List the name and attributes of the file.



The most common implementation of file systems allow the owners of the file to perform first five operations. Other users can only invoke those operations that do not modify the file such as file read. In some systems like UNIX, the user can change the access control of a file so that anybody can access or modify the file. The user can also completely deny any user access to a file including himself.


The three most popular implementations/ Methods of file protection are the following:


1. File Naming:


This depends upon the inability of a user to access a file he cannot name. This can be implemented by allowing only users to see the files they have created. Many file systems allow only a limited number of characters for filenames. There is no guarantee that two users will not use the same filenames.


2. Passwords:


This scheme associates a password to each file. If a user does not know the password associated to a file then he cannot access it. This-is a very effective way of protecting files for a user who owns many files and constantly changes the password. In this way, he makes sure that nobody accesses these files.


3. Access Control:


Access-control limits who can access files and how they can access them. The simplest operating system access control mechanism gives unlimited access to all users. This is the access control scheme used by DOS. On such a system, users wishing to control access to their file must do so by limiting physical (and network) access to their machine


An access list is associated to each file or directory. The access list contains information on the type of users and accesses that they can do on a directory or file. An example is the following access list associated to a UNIX file or directory:


drwxrwxrwx


The d, indicates that, this is an access list for a directory. The first rwx indicates that it can be read, written and executed by the owner of the file. The second rwx is an access. information for users belonging to the same group as the owner. The last rwx is for all other users. The rwx can be changed to just r--- indicating that it can only be read. It can be -w- for write-only and -- x for execute only.

{ 3 comments... read them below or Comment }

Blog Archive

Powered by Blogger.

- Copyright © 2013 Taqi Shah Blogspot -Metrominimalist- Powered by Blogger - Designed by Johanes Djogan -