Permissions

Understanding Linux File Permissions

Each file and directory in Linux has an associated owner, group, and others. The permissions define who can do what.

Permission Structure

Each file has three permission types:

Symbol	Permission	Numeric Value	Description
r	Read	4	View file contents
w	Write	2	Modify file contents
x	Execute	1	Run file as a program

These permissions apply to three categories:

Symbol	Category	Description
u	User	The owner of the file
g	Group	Users in the file’s group
o	Others	All other users

Example: Viewing File Permissions

Run the ls -l command to see file permissions.

bashCopyEditls -l

Example output:

csharpCopyEdit-rwxr-xr--  1 user group 1234 Jan 1 12:00 script.sh

Breaking Down the Output

csharpCopyEdit-rwxr-xr--  1  user  group  1234  Jan 1  12:00  script.sh

• -rwxr-xr-- → Permissions

• 1 → Number of hard links

• user → Owner of the file

• group → Group of the file

• 1234 → File size (in bytes)

• Jan 1 12:00 → Last modified date

• script.sh → Filename

Explaining the Permissions (-rwxr-xr--)

Character	Meaning
-	Regular file (d for directories)
rwx	Owner (User) can read, write, and execute
r-x	Group can read and execute, but not write
r--	Others can only read

---

Changing File Permissions

Using chmod (Change Mode)

Symbolic Method

To add, remove, or set permissions using letters:

bashCopyEditchmod u+x script.sh  # Add execute (x) for the user (u)
chmod g-w script.sh  # Remove write (w) for the group (g)
chmod o=r script.sh  # Set read-only for others (o)

Numeric Method

Each permission set is represented by a 3-digit number:

• rwx = 7 (4+2+1)

• rw- = 6 (4+2)

• r-- = 4 (4)

Example:

bashCopyEditchmod 755 script.sh

Breakdown of 755

User	Group	Others
7	5	5
rwx	r-x	r-x

---

Changing Ownership

Use chown to change file owner and chgrp to change file group.

bashCopyEditchown newuser script.sh  # Change owner
chgrp newgroup script.sh  # Change group
chown newuser:newgroup script.sh  # Change both owner and group

---

Directory Permissions

Permissions work similarly for directories:

• r → List files (ls)

• w → Create/delete files

• x → Enter the directory (cd)

Example:

bashCopyEditls -ld mydir
drwxr-x---  1 user group 4096 Jan 1 12:00 mydir

To allow everyone to enter:

bashCopyEditchmod o+x mydir

---

Special Permissions

Symbol	Name	Used On	Description
s	SetUID	Files	Run file as the owner
s	SetGID	Files/Dirs	Run file as the group; inherit group
t	Sticky Bit	Directories	Only the owner can delete files

Example:

bashCopyEditchmod u+s script.sh  # SetUID (User runs as file owner)
chmod g+s shared_dir  # SetGID (New files inherit group)
chmod +t /tmp  # Sticky Bit (Only owner can delete files)

---

Visual Representation of Linux Permissions

pgsqlCopyEditOwner    Group    Others
rwx      r-x      r--

Permission Breakdown Example

makefileCopyEditFile: script.sh
Permissions: -rwxr-xr--

pgsqlCopyEditUser  : rwx (read, write, execute)
Group : r-x (read, execute)
Others: r-- (read)

Illustration of Numeric Representation

luaCopyEdit7   5   4
rwx r-x r--

Mode	User (Owner)	Group	Others
777	rwx	rwx	rwx
755	rwx	r-x	r-x
644	rw-	r--	r--

---

A Real-World Example

Scenario: Securing a Web Directory

Let's say you have a web directory in /var/www/html and want:

• The owner (www-data) to have full control (rwx).

• The group (developers) to read and write (rw-).

• Others should only read (r--).

Commands:

bashCopyEditchown www-data:developers /var/www/html
chmod 775 /var/www/html

Final Permissions

cssCopyEditdrwxrwxr-x  www-data developers /var/www/html

---

Sources

ChatGPT helped with some of the examples, and thanks to the Linux Foundation for helping with tables and examples.