Linux File Permissions

File ownership is important, and setting permissions prevents unauthorized access. Permissions control who can read, write, or execute files and directories: they govern which users are allowed to perform which action on which file or directory.

The term "ownership" refers to who owns a file. Ownership and permissions work together to control file system privileges.

File permissions are divided into the following attributes:

Owner permission: The owner of the file is, by default, its creator, and has the right to assign and change privileges for users.

Group permission: The group that owns the file. These permissions determine what actions a user who is a member of that group can perform on the file.

Other permission: Any user who is not the owner or in the group. They are also referred to as "world" permissions.

Also note that users can change the group that owns a file (using "chgrp", as in chgrp groupname filename or chgrp groupname foldername), but only root can change the user who owns a file or directory (using "chown", as in chown name filename or chown name foldername).

Now let's talk about these permissions and the access that is granted with them.

Read (r)

For Files, the user is allowed to read the contents of the file. For Directories, the user is allowed to read the list of contents of that directory.

Write (w)

For Files, the user is allowed to modify the contents of the file and for Directories, the user is allowed to add, delete and rename files in the directory.

Execute (x)

For Files, the user is allowed to execute a file as a program or shell script. And for Directories, the user is allowed to enter and access the files in the directory.

Permissions can be set using either the symbolic or the octal method, and I am going to explain both below.

Symbolic permission method

Using the chmod (change mode) command, we can change permissions on files and directories. This method, I'll say, is the easiest of them all (I know, there are only two methods). First, let's get acquainted with a few abbreviations.

u stands for user/owner

g for group

o for others

+ for adding permissions

- for removing permissions

= for setting permissions

Here are a few examples for better understanding.

chmod g+w new_file to add write permission for the group.

chmod g-wx new_file to remove write and execute permission for the group.

chmod o+w new_file to add write permission for others (world).

chmod o-rwx new_file to remove read, write and execute permission for others (world).

chmod ugo=r new_file to set read-only permission for all users.

Octal permission method

The octal permission method represents permissions as three octal digits (from 0 to 7), one for each permission group. To use octal, add the permission bits for each group and arrange them as a three-digit number. This method is also a more efficient way of setting all permission bits at once.

Below are examples for the Octal permission method:

So, a file that allows the owner to read and write, and gives everyone else read-only access, would look like -rw-r--r-- or 644, which octal-ly means:

6 = 4+2 (Read + Write)

4 = 4 (Read-only)

4 = 4 (Read-only)

Or to set a file's permissions to read, write, and execute for the user/owner, read and execute permissions for the group, and no access for all other users (equivalent to symbolic -rwxr-x--- ), use the following command:

chmod 750 new_file.txt

Octal-ly,

7 = 4+2+1 (Read + Write + Execute)

5 = 4+1 (Read + Execute)

0 = 0 (No permission)

Or, for a file set with chmod 754 newfile.sh, the user/owner has permission to read, write and execute. The group permission is set to read and execute only, while others (world) permission is set to read-only.

Octal-ly it means:

7 = 4+2+1 (Read + Write + Execute)

5 = 4+1 (Read + Execute)

4 = 4 (Read-only)
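
The octal arithmetic above can be checked mechanically. The script below is an added example, not part of the original article: it translates a three-digit octal mode into its symbolic form, flags a mode that lets others (world) write, and compares the result with what ls reports for a constructed temporary file. The helper names (digit_to_rwx, octal_to_symbolic, world_writable, mode_of, demo) are hypothetical.

```shell
#!/bin/sh
# Added example: octal mode -> symbolic string, plus a world-writable check.

# digit_to_rwx 5 -> r-x   (4 = read, 2 = write, 1 = execute)
digit_to_rwx() {
    d=$1
    out=""
    if [ $((d & 4)) -ne 0 ]; then out="${out}r"; else out="${out}-"; fi
    if [ $((d & 2)) -ne 0 ]; then out="${out}w"; else out="${out}-"; fi
    if [ $((d & 1)) -ne 0 ]; then out="${out}x"; else out="${out}-"; fi
    printf '%s' "$out"
}

# octal_to_symbolic 750 -> rwxr-x---  (owner, group, others)
octal_to_symbolic() {
    case $1 in
        [0-7][0-7][0-7]) ;;
        *) echo "expected three octal digits, got: $1" >&2; return 1 ;;
    esac
    u=${1%??}; rest=${1#?}; g=${rest%?}; o=${1#??}
    printf '%s%s%s\n' "$(digit_to_rwx "$u")" "$(digit_to_rwx "$g")" "$(digit_to_rwx "$o")"
}

# world_writable 646 -> succeeds when the "others" digit has the write bit (2)
world_writable() {
    o=${1#??}
    [ $((o & 2)) -ne 0 ]
}

# mode_of FILE -> the nine permission characters as ls reports them
mode_of() {
    ls -ld "$1" | cut -c2-10
}

# Demo on a constructed temporary file: chmod's result must match the arithmetic.
demo() {
    f=$(mktemp) || return 1
    chmod 750 "$f"
    printf '750 -> %s (ls says %s)\n' "$(octal_to_symbolic 750)" "$(mode_of "$f")"
    chmod u=rw,g=r,o=r "$f"          # symbolic spelling of 644
    printf '644 -> %s (ls says %s)\n' "$(octal_to_symbolic 644)" "$(mode_of "$f")"
    rm -f "$f"
}
demo
```
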

As you can see, there are several options for permissions. You have the power to control what users can do. It may look easy to grant everyone permission, and that, my friend, is a risky game. Play safe.