Linux File Permissions
In Linux, file permissions control who can read, write, or execute a file or directory. Each file has three sets of permissions for three types of users:
- User (Owner): The person who created the file.
- Group: A group of users who share access.
- Others: All other users.
Understanding the Permission Structure
Permissions are represented as a string of 10 characters, like this:
- The first character indicates the type of file:
  - -: Regular file
  - d: Directory
  - l: Symbolic link
- The next nine characters are divided into three sets, each containing three characters:
  - User (Owner): rwx
  - Group: r-x
  - Others: r--
Each set of three characters indicates:
- r: Read permission
- w: Write permission
- x: Execute permission
- -: No permission
Example: Checking File Permissions
You can view file permissions with the ls -l command.
Command:
Output:
- -rw-r--r--: File permissions
  - User (Owner): rw- (read and write, but no execute)
  - Group: r-- (read only)
  - Others: r-- (read only)
- This means that the owner can read and write the file, but cannot execute it. The group and others can only read the file.
Changing File Permissions with chmod
You can modify permissions using the chmod command.
Symbolic Mode
In symbolic mode, chmod changes permissions by specifying u (user), g (group), o (others), and a (all).
Example 1: Adding Execute Permission to User
Output:
Now the owner has execute permission (x), so file1.txt is now readable, writable, and executable by the owner.
Example 2: Removing Write Permission from Group
Output:
This removes the write permission (w) from the group.
Numeric Mode
In numeric mode, you represent permissions using three digits, where:
- 4 = read (r)
- 2 = write (w)
- 1 = execute (x)
For example, chmod 754 file1.txt gives:
- 7 (4+2+1) = read, write, execute for the owner
- 5 (4+1) = read and execute for the group
- 4 = read only for others
Example 3: Setting Permissions Using Numeric Mode
Output:
Now the owner has full permissions (rwx), the group can read and execute (r-x), and others can only read (r--).
Special Permissions: SUID, SGID, and Sticky Bit
Special permissions modify standard permissions with unique behaviors.
- SUID (Set User ID): Allows a file to be run with the permissions of its owner.
- SGID (Set Group ID): Allows a file to be run with the permissions of its group.
- Sticky Bit: Commonly used on directories, it restricts deletion so only the owner of the file can delete it.
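The following is an added example, not part of the original page: a POSIX shell script that converts an ls -l permission string into the numeric form chmod accepts and reports the special bits described above. The function names are hypothetical, and it goes beyond the text by assuming the usual ls notation for special bits (s/S in the user or group execute slot, t/T in the others slot) and their octal values 4 (SUID), 2 (SGID) and 1 (sticky) as a leading fourth digit.

```shell
#!/bin/sh
# Added example: turn an ls -l mode string into chmod's numeric form and flag risky bits.

# triad_value TRIAD -> digit 0-7 for one rwx set (r=4, w=2, x=1).
# Lowercase s or t in the third slot means x is set as well as the special bit.
triad_value() {
    v=0
    case $1 in r??) v=$((v + 4)) ;; esac
    case $1 in ?w?) v=$((v + 2)) ;; esac
    case $1 in ??[xst]) v=$((v + 1)) ;; esac
    echo "$v"
}

# mode_to_octal STRING -> four octal digits, e.g. -rwxr-xr-- -> 0754
mode_to_octal() {
    perms=${1#?}                          # drop the file-type character
    [ "${#perms}" -eq 9 ] || { echo "bad mode string: $1" >&2; return 1; }
    u=${perms%??????}                     # user (owner) triad
    rest=${perms#???}
    g=${rest%???}                         # group triad
    o=${rest#???}                         # others triad
    special=0
    case $u in ??[sS]) special=$((special + 4)) ;; esac   # SUID
    case $g in ??[sS]) special=$((special + 2)) ;; esac   # SGID
    case $o in ??[tT]) special=$((special + 1)) ;; esac   # sticky bit
    echo "$special$(triad_value "$u")$(triad_value "$g")$(triad_value "$o")"
}

# audit_mode STRING -> one finding per line; prints nothing when no check fires.
audit_mode() {
    oct=$(mode_to_octal "$1") || return 1
    ftype=${1%?????????}                  # first character: -, d or l
    case $oct in [4567]???) echo "SUID set" ;; esac
    case $oct in [2367]???) echo "SGID set" ;; esac
    case $oct in ???[2367])               # others have write permission
        case $ftype in
            l) ;;                         # symlink mode bits are not used for access checks
            d) case $oct in [1357]???) ;; *) echo "world-writable directory without sticky bit" ;; esac ;;
            *) echo "world-writable file" ;;
        esac ;;
    esac
}

# Constructed sample mode strings, in the form ls -l prints them.
for m in -rwxr-xr-- -rw-r--r-- -rwsr-xr-x drwxrwxrwt drwxrwxrwx; do
    printf '%s %s %s\n' "$m" "$(mode_to_octal "$m")" "$(audit_mode "$m" | tr '\n' ';')"
done
```

The script only accepts the plain 10-character form; a mode string with a trailing ACL or security-context marker is rejected as malformed.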
Each permission type helps manage secure access to files, making Linux a highly secure and customizable system for file permissions.