- When an OS accommodates multiple users, the issues of file sharing, file naming, and file protection become pre-eminent.
- To implement sharing and protection, the system must maintain more file and directory attributes than are needed on a single-user system.
- Most systems have evolved to use the concepts of file (or directory) (or ) and .
- The owner is the user who can change attributes and grant access and who has the most control over the file.
- The group attribute defines a subset of users who can share access to the file.
- For example, the owner of a file on a UNIX system can issue all operations on a file, while members of the file's group can execute one subset of those operations, and all other users can execute another subset of operations.
- Exactly which operations can be executed by group members and other users is definable by the file's owner.
- The owner and group IDs of a given file (or directory) are stored with the other file attributes.
- when a user requests an operation on a file, the user ID can be compared with the owner attribute to determine if the requesting user is the owner of the file.
- Likewise, the group IDs can be compared. The result indicates which permissions are applicable. The system then applies those permissions to the requested operation and allows or denies it.