Stepping Into Linux Permissions: su, sudo, and the Power of Knowing Who You Are
Andrii RToday’s TryHackMe session finally clicked why permissions matter. I wasn’t just listing files anymore, but figuring out who owns what, who can touch what, and how to become the right user to get a task done. It felt way closer to real cybersecurity work.
Reading permissions with ls -l
I used ls -l and ls -lh to see ownership and permissions:
ls -l
ls -lh # human-readable sizes
A typical line looks like:
-rw-r--r-- 1 user2 user2 12K May 14 2021 important
Quick decode:
-rw-r--r--→ permissionsowner:
rw(read, write)group:
r(read)others:
r(read)
user2 user2→ owner user and group12K→ file size (the-hflag makes this human-readable)important→ file name
This told me right away that important belongs to user2. Trying to cd important failed—because it is a file, not a directory. Good reminder to read the first character (- file, d directory).
Switching users with su
Since important was owned by user2, I practiced becoming that user.
su user2
# enter user2's password (input is invisible)
su user2starts a shell as user2 but keeps many of the current environment settings, including my working directory.su -l user2(orsu - user2) starts a login shell, loading user2’s environment and dropping me into /home/user2.
su -l user2
pwd # now shows /home/user2
When I was user2, I could finally read the file:
cat /home/tryhackme/important
To go back to my original user:
exit
su vs sudo in one line
su: switch who you are. You need the target user’s password.sudo: run a single command with elevated privileges (usually as root) using your own password, if you are allowed in/etc/sudoers.
Common sudo checks:
sudo -l # list what I’m allowed to run
sudo <cmd> # run one command with elevated privileges
Creating, moving, copying, deleting files
I also practiced the core file ops that you do constantly while triaging systems.
Create files and directories:
touch note # create an empty file
mkdir mydirectory # create a directory
Remove files and directories:
rm note # remove a file
rm -r mydirectory # remove a directory recursively
Copy and move (or rename):
cp note note2 # copy file
mv note2 note3 # move or rename
mv myfile myfolder/ # move file into a directory
Figure out what a file actually is:
file unknown1 # returns something like: ASCII text
A tiny permissions primer (why security folks care)
read (r): view the contents
write (w): modify the contents
execute (x): run a file, or enter a directory
Ownership is user and group based. Least privilege is the rule—only the right identities should have
worx.
What I actually did today
Identified a file’s owner with
ls -l(owner ofimportantwasuser2).Switched to that user with
su user2, then with a full login shell usingsu -l user2.Verified home directory behavior using
pwd.Read the protected file with
cat important.Practiced creating, copying, moving, renaming, and deleting files and folders.
Used
fileto confirm real file types, not just extensions.Opened the manual for
suwhen I needed details:
man su
Quick reference I’ll reuse
# Inspect
ls -l # perms, owner, group
ls -lh # human-readable sizes
file <name> # identify type
# Switch users
su <user> # switch user (keeps environment)
su -l <user> # login shell as user (new environment)
exit # return to previous user
# Privileged commands
sudo -l # what am I allowed to run
sudo <cmd> # run one command as root (or another user)
# Files and directories
touch <file> # create file
mkdir <dir> # create directory
cp <src> <dst> # copy
mv <src> <dst> # move or rename
rm <file> # remove file
rm -r <dir> # remove directory recursively
Closing thoughts
Today moved me closer to the work I want to do in cybersecurity. I wasn’t just “using Linux,” I was applying identity and access concepts on a live system—switching users, reading ownership, and acting with the right privileges. Exactly the mindset I’ll need in investigations, hardening, and incident response.
Subscribe to my newsletter
Read articles from Andrii R directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by