Pick a Free OS

User login

Navigation

Understanding Linux file permissions

Linux is a proper multi-user environment. In a multi-user environment,

security of user and system data is very important. Access should be given

only to users who need to access the data. Since Linux is essentially a

server OS, good and efficient file security is built right into Linux. Of

course, such security does create problems for users, especially novice

users. Many user queries are due to incorrect file permissions or just

because a user ignores that fact that the file permissions do not allow

access.

First, let's check out the file permissions. File permissions are defined

for users, groups and others. User would be the username that you are

logging in as. Further more, users can be organized into groups for better

administration and control. Each user will belong to at least one default

group. Others includes anyone the above categories exclude.

Given below is the result of an 'ls -l'

drwxr-x--- 2 mayank freeos 4096 Dec 28 04:09 tmp

-rw-r--r-- 1 mayank freeos 969 Dec 21 02:32 foo

-rwxr-xr-x 1 mayank freeos 345 Sep 1 04:12 somefile

Relevant information in the first column here is the file type followed by

the file permissions. The third and the fourth column show the owner of

the file and the group that the file belongs to.

The first entry here is tmp. The first character in the first column is

'd', which means the tmp is a directory. The other entries here are files,

as indicated by the '-'.

d rwx r-x ---

file type users group others

The next 9 characters define the file permissions. These permissions are

given in groups of 3 each. The first 3 characters are the permissions for

the owner of the file or directory. The next 3 are permissions for the

group that the file is owned by and the final 3 characters define the

access permissions for everyone not part of the group. There are 3

possible attributes that make up file access permissions.

r - Read permission. Whether the file may be read. In the case of a

directory, this would mean the ability to list the contents of the

directory.

w - Write permission. Whether the file may be written to or modified. For

a directory, this defines whether you can make any changes to the contents

of the directory. If write permission is not set then you will not be able

to delete, rename or create a file.

x - Execute permission. Whether the file may be executed. In the case of a