Linux Permissions
Think of Linux permissions like a security system for your files and folders. Just like how you might have different keys for different rooms in your house, Linux uses permissions to control who can access and modify your files. Understanding permissions helps you keep your work safe and share it with others when needed.
Quick Reference
| Permission Type | What It Does | Common Use |
|---|---|---|
| Read (r) | View file contents | Opening files, listing directories |
| Write (w) | Modify contents | Editing files, creating/deleting files |
| Execute (x) | Run programs/scripts | Running commands, accessing directories |
When to Use Permissions
- When you need to protect your files from others
- When you want to share files with specific people
- When you need to run scripts or programs
- When you want to control who can modify your work
- When you need to organize group projects
User Categories
Think of user categories like different groups of people who might need access to your files:
| Category | Who It Includes | Example |
|---|---|---|
| Owner (u) | You, the file creator | Like being the owner of a house |
| Group (g) | Users in the same group | Like family members sharing a house |
| Others (o) | Everyone else | Like visitors or guests |
Viewing Permissions
The above image break down the permissions of a file. Lets start with the code that would match those permissions.
-rwxrw-r-- 1 user group 4096 Jul 10 14:55 file.txt
Now lets break this down:
Owner- Owner of the fileGroup- Group that owns the file (in this case the group is the group name)Other- Other permissions meaning everyone else.
Every file and directory will have an owner, a group and an other. Each one of this will have a set of permissions assigned to them. In our example the owner is the user and the group is the group name. The other is everyone else.
The permissions are represented by the letters r, w, and x. r stands for read, w stands for write, and x stands for execute. The permissions are assigned to the owner, the group, and the other in the order of rwx.
In our example the owner has read, write, and execute permissions. The group has read and execute permissions. The other has read permissions.
Numeric Permissions
Numeric permissions in Linux use a three-digit number system (like 755 or 644) to represent file permissions. Each digit represents a different user category (owner, group, others) and is calculated by adding up the values of individual permissions:
- Read (r) = 4
- Write (w) = 2
- Execute (x) = 1
To understand how this works, let's break it down:
- First Digit (Owner): Controls what the file owner can do
- Second Digit (Group): Controls what group members can do
- Third Digit (Others): Controls what everyone else can do
For example, the number 7 (4+2+1) means full permissions (read, write, execute). Here's how to calculate common permission numbers:
| Number | Calculation | Permissions | What It Means |
|---|---|---|---|
| 7 | 4+2+1 | rwx | Full access (read, write, execute) |
| 6 | 4+2 | rw- | Can read and modify, but not execute |
| 5 | 4+1 | r-x | Can read and execute, but not modify |
| 4 | 4 | r-- | Read only access |
| 3 | 2+1 | -wx | Can write and execute, but not read |
| 2 | 2 | -w- | Write only access |
| 1 | 1 | --x | Execute only access |
| 0 | 0 | --- | No access at all |
When you see a three-digit number like 755, it means:
- First digit (7): Owner has full access (4+2+1 = read, write, execute)
- Second digit (5): Group can read and execute (4+1)
- Third digit (5): Others can read and execute (4+1)
This system makes it easy to set permissions with a single command. For example, chmod 755 file.txt sets the permissions to rwxr-xr-x in one step.
Common Numeric Permission Examples
# 755: Owner has full access, others can read and execute
# rwxr-xr-x
chmod 755 script.sh
# 644: Owner can read and write, others can only read
# rw-r--r--
chmod 644 document.txt
# 750: Owner has full access, group can read and execute, others have no access
# rwxr-x---
chmod 750 private/
# 600: Only owner can read and write
# rw-------
chmod 600 secret.txtSymbolic Mode
Think of symbolic mode like using simple words to set permissions. You can use letters to specify who gets what permissions:
| Part | What It Means | Example |
|---|---|---|
| u (user) | File owner | You |
| g (group) | Group members | Your project team |
| o (others) | Everyone else | Other students |
| a (all) | All users | Everyone |
You can use these operators to change permissions:
| Operator | What It Does | Example |
|---|---|---|
| + | Add permission | Add execute permission |
| - | Remove permission | Remove write permission |
| = | Set exact permissions | Set read and write only |
Symbolic Mode Examples
# Add execute permission for owner
chmod u+x script.sh
# Remove write permission from group
chmod g-w document.txt
# Set read and write for others
chmod o=rw shared.txt
# Add execute for all users
chmod a+x program
# Set read and execute for group and others
chmod go=rx file.txtWhat do the other parts mean?
-rwxrw-r-- 1 user group 4096 Jul 10 14:55 file.txt
To the other parts of the code example are broken down below:
-- The hash symbol means the file is a file not a directory. If it was a directory it would be a d. If it was a symbolic link it would be a l.1- Number of hard links (for a file this is always 1, for a directory this is the number of files in the directory but always starts with a d. For a symbolic link it is the number of links to the file or directory.4096- File size in bytesJul 10 14:55- Last modified date/timefile.txt- File name (in this case the file is called file.txt)
Tips for Success
- Always check permissions before trying to access files
- Use
ls -lto see current permissions - Remember that directories need execute permission to be entered
- Start with restrictive permissions and add more as needed
- Use groups to manage permissions for multiple users
Common Mistakes to Avoid
- Giving too many permissions (especially execute)
- Forgetting to set directory permissions
- Not checking group membership
- Using 777 permissions (too open)
- Not understanding the difference between file and directory permissions
Best Practices
- Use the principle of least privilege (give only needed permissions)
- Regularly review and update permissions
- Use groups for collaborative projects
- Document permission changes
- Test permissions after changing them