DEV Community

Cover image for Linux file permissions.
Md Abu Musa
Md Abu Musa

Posted on

Linux file permissions.

In Ubuntu (and other Linux systems), file permissions are an essential part of managing file security and access. Permissions define who can read, write, and execute a file or directory. Understanding these permissions is crucial for system administration, security, and software development.

File Permission Overview

Each file or directory in Ubuntu has three types of permissions:

  1. Read (r): Allows viewing or reading the contents of a file. For a directory, it means listing its contents.
  2. Write (w): Allows modifying or editing the contents of a file. For a directory, it allows adding or deleting files within it.
  3. Execute (x): Allows running or executing a file (e.g., shell scripts or binary files). For a directory, it allows traversing into it (changing into that directory).

Permission Levels: User, Group, and Others

There are three categories of users for each file and directory:

  1. User (u): The owner of the file. This is usually the person who created the file.
  2. Group (g): A group of users who share the same permissions.
  3. Others (o): All other users who are not the owner or part of the group.

Permissions for each category are represented in the following format:

Example: -rwxr-xr--

This example shows typical permissions of a file in a ls -l listing:

-rwxr-xr--
Enter fullscreen mode Exit fullscreen mode

Breaking Down the Example

  • -: Indicates the file type. - is a regular file, d is a directory, and l is a symbolic link.
  • rwx: User permissions (owner). The user has read (r), write (w), and execute (x) permissions.
  • r-x: Group permissions. The group has read (r) and execute (x), but not write (-) permission.
  • r--: Other users’ permissions. Other users have read-only (r) permission.

Changing Permissions: The chmod Command

You can change file permissions using the chmod command. There are two ways to use chmod:

  1. Symbolic Mode: Uses letters to represent permissions (r, w, x).
  2. Numeric Mode: Uses numbers (e.g., 755, 644) to set permissions.

Symbolic Mode: Examples

  • chmod u+x file.txt: Adds execute (x) permission for the user.
  • chmod g-w file.txt: Removes write (w) permission for the group.
  • chmod o+r file.txt: Adds read (r) permission for others.
  • chmod u=rwx, g=rx, o=r file.txt: Sets rwx for user, rx for group, and r for others.

Numeric Mode: Examples

In numeric mode, each permission has a corresponding value:

  • Read (r): 4
  • Write (w): 2
  • Execute (x): 1

The sum of these values determines the permissions. For example:

  • rwx = 4 + 2 + 1 = 7
  • rw- = 4 + 2 + 0 = 6
  • r-- = 4 + 0 + 0 = 4

Setting Permissions Using Numbers

When using numbers, you provide three digits, where each digit represents a category:

  1. First Digit: Permissions for the user (owner).
  2. Second Digit: Permissions for the group.
  3. Third Digit: Permissions for others.

Example:

  • chmod 755 file.txt: This sets permissions as follows:

    • 7 (User): rwx
    • 5 (Group): r-x
    • 5 (Others): r-x

Thus, rwxr-xr-x.

  • chmod 644 file.txt: This sets permissions as:

    • 6 (User): rw-
    • 4 (Group): r--
    • 4 (Others): r--

Thus, rw-r--r--.

Ownership: The chown Command

Besides permissions, each file has an owner and a group. You can change the owner or group using the chown command:

  • chown user:group file.txt: Changes the owner and group of the file.
  • chown user file.txt: Changes only the owner.
  • chown :group file.txt: Changes only the group.

Example:

  • chown alice:developers script.sh changes the owner to alice and the group to developers.

File Types in Permission Listings

When you list files with ls -l, you’ll see the file type indicated as the first character:

  • -: Regular file
  • d: Directory
  • l: Symbolic link
  • c: Character device file (e.g., terminals, serial ports)
  • b: Block device file (e.g., disk drives)

Example Output of ls -l: 

drwxr-xr-x  2 alice developers 4096 Oct  3 10:45  directory_name
-rw-r--r--  1 bob   users      1024 Oct  3 10:30  file_name.txt
Enter fullscreen mode Exit fullscreen mode

In this example:

  1. Directory (d): directory_name has drwxr-xr-x permissions.
  2. Regular file (-): file_name.txt has rw-r--r-- permissions.

Practical Permission Management Tips

  1. Setting Permissions for Scripts: Use chmod +x script.sh to make shell scripts executable.
  2. Limiting Access: Set sensitive files to chmod 600 file.txt so only the owner can read/write.
  3. Directory Permissions: Use chmod 755 for directories you want others to traverse but not modify.

Summary of Common chmod Values

  • 777: rwxrwxrwx – Everyone can read, write, and execute (dangerous for sensitive files).
  • 755: rwxr-xr-x – User can read, write, execute; others can only read and execute.
  • 644: rw-r--r-- – User can read, write; others can only read.

Top comments (0)

Read next

arbythecoder profile image

How I Secured My Containerized Application Using Anchore (Day 29 Project)

Arbythecoder -

elanatframework profile image

Send Information by Submitting Form

elanatframework -

decoders_lord profile image

System Design: Availability Patterns

Priyank Sevak -

ikoh_sylva profile image

AWS Cognito for User Authentication: A Comprehensive Guide

Ikoh Sylva -