Linux Permissions
February 12, 2018•503 words
Understanding the folder and file permissions in Linux can be somewhat tricky for the unintiated.
| Permission | Value |
|---|---|
| r - read | 4 |
| w - write | 2 |
| x - execute | 1 |
The Permission Groups are:
| Group | Description |
|---|---|
| u | Owner |
| g | Group |
| o or a | All Users |
The potential Assignment Operators are + (plus) and - (minus); these are used to tell the system whether to add or remove the specific permissions.
The Assignment Operators can be used like so:
| Command | Description |
|---|---|
chmod o+x file |
this is adding the ability for all users to execute a file |
chmod u+rwx file |
this adds the ability for the file owner to read, write, and execute |
chmod o-x file |
this is removing the abiltiy for all users to exectue a file |
The permissions in the terminal are listed like so:
- drwxrwxrwx
- -rw-rw-rw-
- etc.
The ‘d’ at the beginning identifies that the file is a directory. The next nine characters identify the rights of each of the groups identified above. For example, ‘drwxrwxrwx’ is a directory and all groups have read-write-execute permissions. If assigning rights using numbers, this would be coded as ‘777’. After the first character (d or -) the permission groups are in groups of 3.
Above the sum of the values for r,w, and x to give you the permission and write it in the order of u,g, and o. So if you wanted to change the permissions for this file so all groups only had read-write permissions you would use 666. The sum of r(4) and w(2) is 6. However, let’s say you only wanted the owner to have read-write-execute permissions and all others to only have read permissions, you would use 744.
Examples:
| Owner (u) | Group (g) | All Users (o or a) | Permission | Number Value |
|---|---|---|---|---|
| Read - Write - Execute | Read - Write - Execute | Read - Write - Execute | drxwrwxrwx | 777 |
| Read - Write - Execute | Read - Write - Execute | Read - Write | drxwrwxrw- | 776 |
| Read - Write - Execute | Read - Write - Execute | Read | -rxwrwxr-- | 766 |
| Read - Write - Execute | Read - Write - Execute | -rwx------ | 700 | |
| Read - Write | Read | Read | -rw-r--r-- | 644 |
Advanced Permissions
The special permissions flag can be marked with any of the following:
| Character | Description |
|---|---|
| _ | no special permissions |
| d | directory |
| l | The file or directory is a symbolic link |
| s | This indicated the setuid/setgid permissions. This is not set displayed in the special permission part of the permissions display, but is represented as a s in the read portion of the owner or group permissions |
| t | This indicates the sticky bit permissions. This is not set displayed in the special permission part of the permissions display, but is represented as a t in the executable portion of the all users permissions |