Understanding Linux file permissions
Posted on 2008-07-29 - Comments
They’re funny things Linux file permissions – the moment you think you understand them, you discover some subtle piece of functionality that means you were wrong all-along...
In this three-part article, I give a brief introduction to file and directory permissions, as well as some of the common gotchas. This part shows you how to interpret permissions on the command line and explains what they mean.
One of the best ways to get a feel for the permissions, is using the shell. So, if you launch a shell session and type the following: (the “-l” means the long-listing format)
ls -l
You’ll see a listing of all the files in your home folder, something like this:
drwxr-xr-x 2 dan users 4096 2007-12-13 15:34 bin
drwx------ 5 dan users 4096 2008-07-25 15:30 Desktop
drwx------ 15 dan users 4096 2008-07-18 10:49 Documents
drwxr-xr-x 2 dan users 4096 2007-12-13 11:08 public_html
-rw-r--r-- 1 dan users 12094 2008-03-10 15:22 readme.txt
Of particular interest to us, is the first set of characters which represent the permissions: (numbered below, for reference)
drwxr-xr-x
12345678910
From left to right, the permissions are grouped into four parts:
- Character 1: Indicates a directory (d), link (l) or normal file (-)
- Characters 2-4: The read (r), write (w) and execute (x) permissions for the file owner (“dan” in the example above)
- Characters 5-7: The read (r), write (w) and execute (x) permissions for the file group (“users” in the example above)
- Characters 8-10: The read (r), write (w) and execute (x) permissions for everyone else aka others
What these permissions mean, depends on what kind of file it is.
For directories:
- Read (r): Users can view a listing of the directory contents (i.e. read its contents)
- Write (w): Users can create / delete files in this directory (i.e. write to the directory’s contents).
- Execute (x): Users can enter this directory using a “cd” command
Note: If users have write access to a directory – they can delete its files even if they are not the owner and/or do not have write permission to the individual file. Watch out for this one, it has caught us out in the past!
For files:
- Read (r): Users can view the files' contents
- Write (w): Users can modify the files' contents
- Execute (x): Allows execution of the file as a program
You should also be aware that Linux only checks the most appropriate permissions when deciding whether to grant access. For example, if you are the file owner, only the owner permission is checked (not the "group", or "other" permissions). This means, if the permissions are "—-r–r–", you won't be able to read the file if you are the owner – whereas members of the file group and "others" will be able to read it.
That’s it for now! In the upcoming part two, I will detail how to set permissions, using the Linux command line. Part three will show you some of the more advanced permissions. Watch this space!
- Next generation console wishlist 2013-02-18
- Digital conversations preserved 2011-02-21
- Pastel de Nata recipe 2011-01-10
- Fixing a bricked D-Link DSL-G624T 2010-01-22
- Learning PHP - Part 6: functions 2009-11-03
- Learning PHP - Part 5: your first dynamic web page 2009-11-03
- Learning PHP - Part 4: controlling flow 2009-11-02
- Symptoms of a Wordpress hack 2009-11-02
- Learning PHP - Part 3: array basics 2009-10-26
- Learning PHP - Part 2: variable basics 2009-10-25
- Learning PHP - Part 1: introduction 2009-10-24
- Unsetting HTTP headers in PHP 2008-08-06
- Intermittent 1px gap in Firefox 3 2008-07-30
- Understanding Linux file permissions 2008-07-29
- Step by step: Moving code between Subversion repositories 2008-07-23
- Novell client on OpenSuse 10.3 2007-10-08
- Removing Windows from Apple's Bootcamp 2007-10-01
- HTTP authentication in PHP 2007-06-12
- Microformats and me 2007-06-11