Linux File Permissions

Linux file permissions are a fundamental aspect of system security and user management. They define what actions a user or group can perform on files and directories. Linux file permissions are set for three types of users:

Owner (User): The individual who owns the file.
Group: A group of users who share common permissions on the file.
Others: All other users on the system who are neither the owner nor part of the group.

These permissions specify the types of access users have to files and directories, such as reading, writing, or executing them.

1. File Permissions Overview

File permissions in Linux are represented by a 10-character string, which is displayed when using the ls -l command. For example:

-rwxr-xr-x 1 user group 12345 Dec 21 12:00 file.txt

This string is divided into:

The first character: Indicates the file type.
The next 9 characters: Represent the permissions (read, write, execute) for the owner, group, and others.
The remaining fields: Show additional information like the file’s owner, group, size, and timestamp.

2. File Type (First Character)

The first character of the permission string indicates the file type:

-: Regular file
d: Directory
l: Symbolic link
c: Character device file
b: Block device file
p: FIFO (named pipe)
s: Socket

3. Permissions (Next 9 Characters)

The next 9 characters represent the permissions for the owner, group, and others. These are divided into three sets of three characters:

First set: Permissions for the owner (user).
Second set: Permissions for the group.
Third set: Permissions for others.

Each set consists of three characters:

r: Read permission (allows viewing the contents of the file or listing the contents of a directory).
w: Write permission (allows modifying the contents of the file or creating/deleting files in a directory).
x: Execute permission (allows running the file as a program or script, or accessing a directory).

If a permission is not granted, it is represented by a -.

For example:

-rwxr-xr– 1 user group 12345 Dec 21 12:00 file.txt

Owner has rwx (read, write, and execute).
Group has r-x (read and execute).
Others have r-- (read only).

4. Permission Breakdown

Here’s a breakdown of the permission string:

Character Position	Description	Permissions
1	File type	`-` (file), `d` (directory), etc.
2–4	Owner permissions	`rwx` or `r--`, `r-x`, etc.
5–7	Group permissions	`rwx`, `r--`, etc.
8–10	Others permissions	`rwx`, `r--`, etc.

5. Changing Permissions with `chmod`

To modify the permissions of a file or directory, you use the chmod command. There are two ways to represent the permissions: symbolic mode and numeric mode.

Symbolic Mode:

In symbolic mode, you specify the permission change using letters:

u: User (owner)
g: Group
o: Others
a: All users (owner, group, and others)

The operators used are:

+: Add a permission
-: Remove a permission
=: Set a permission exactly (overwrites existing permissions)

Example:

chmod u+x file.txt: Adds execute permission to the owner of file.txt.
chmod g-w file.txt: Removes write permission from the group.
chmod o=r file.txt: Sets read-only permission for others, removing any previous permissions.

Numeric Mode:

In numeric mode, permissions are represented by numbers. Each permission is assigned a number:

Read (r): 4
Write (w): 2
Execute (x): 1

The permissions for owner, group, and others are then combined into a 3-digit number:

Owner: First digit (100s)
Group: Second digit (10s)
Others: Third digit (1s)

To calculate the numeric mode, you add up the values for the permissions you want to grant.

Permission	Read	Write	Execute	Numeric Value
None	0	0	0	0
Execute	0	0	1	1
Write	0	2	0	2
Write + Execute	0	2	1	3
Read	4	0	0	4
Read + Execute	4	0	1	5
Read + Write	4	2	0	6
Read + Write + Execute	4	2	1	7

Example:

chmod 755 file.txt: Sets permissions to rwxr-xr-x (owner: rwx, group: r-x, others: r-x).
- Owner gets 7 (read + write + execute), group gets 5 (read + execute), others get 5 (read + execute).