Understanding File Permissions



A basic introduction to understanding file permissions and how they pertain to Linux and MacOs (OSX). How to read and understand them by example.


This article is part 1 of 3 in the series on file permissions:
Understanding File Permissions
How do I use chmod to manage file permissions?
Sticky Bits, UID's and GID's

Article Navigation:
Overview
How to Read File Permissions
Breakdown of Symbolic Notation
Where and how to get help
Where to go from here

Overview

With Linux, MacOS (AKA Mac OSX), and other Unix like file systems; file permissions is a management system for controlling exactly who is able to read, write, or execute a program, file, or contents of a directory. These permissions are normally controlled or set by default directory, system preferences, or manually using a tool like chmod.

How to Read File Permissions

To read the the file permissions on a file you can use the ls command with the "L" flag. Run this command within the directory you wish to see the file permissions on
Obtaining file permissions for a particular file
$ ls –l
-rwxrwxrwx 1 root root 4096 Sep 24 2013 your_file.txt
drwxrwxrwx 1 root root 4096 Sep 24 2013 your_directory


While most of the output may look like gibberish, what you’re looking for is within the first column:
-rwxrwxrwx

Breakdown of Symbolic Notation

Believe it or not, for the examples stated above (-rwxrwxrwx) that cryptic string allows us to know who is able to read, write, and execute a file or program within 3 different groups, it also allows us to understand what kind of file it is (either file or directory). This type of syntax that is used to represent file permissions is known as "Symbolic Notation".

Symbolic strings are generally made up of a 10 character string that expresses the different permission types each group is able to use:
r – Read
w – Write
x – Execute
*In the event that a permission is absent, it will be denoted by a "-".
Each symbolic string is broken down into 4 sections. The file type (file or directory), Owner, Group, and Other in that order. The file is the first character (either d or -), while each of the subsequent groups (owner, group, and other) are represented by the subsequent three characters. Here’s a breakdown.

Decoding and understanding file permission symbolic notation example
-rwxrwxrwx

file type:
- File
Owner Permissions:
rwx – Owner can read, write, and execute.

Group Permissions:
rwx – Group can read, write, and execute.

Other Permissions:
rwx – Other can read, write, and execute.


Here is another example
drwxrw----

file type:
d – Directory

Owner Permissions:
rwx – Owner can read, write, and execute.

Group Permissions:
rw- – Group can read, write, however denoted by the – they are not able to execute the file.

Other Permissions:
--- – Other is unable to do anything, read, write, or execute.


Where and how to get help

It may take a while to fully take in exactly what file permissions are trying to tell you, about who has access to particular files and programs. If you're lost, see our list of file permissions, where each permission page provides a detailed breakdown of each permission. Check out permission 7777 for an example.

Websites:
If all else fails Stack Overflow and Super User are always a good source of info along with well respected q and a.

Where to go from here

This article is part 1 of 3 in the series on file permissions