Understanding File Permissions Linux

Linux File Permissions

Why Strict file Permissions and Ownership:

Linux is designed for a multi-user environment, one in which more than one user accesses the same file system and other resources at the same time. In such an environment, file permissions and ownership become a problem if you don’t configure them properly.

For example, if one user has created a file and someone else deletes it, mistakenly or deliberately, the first user loses all the data he has compiled. This can be prevented if you configure user rights properly.

As a second example, one user starts a process that is going to take a long time to complete. If somebody else stops it in the meantime, the first user will not be happy about it. For such cases, user permissions should be configured properly.

Understanding file Ownership in Linux:

Each file/directory in Linux is owned by a specific user and a group. Therefore, permissions are defined separately for User, Group and Others.

User: The user name of whoever owns the file/directory. By default, the user who creates the file/directory is its owner.

Group: The user group that owns the file. All the users in this group have the same file permissions.

Group permissions are useful if multiple users in a group are using some common file/directory. You need to make sure that the file is owned by the group you want to give permissions to.

Others: Any user who is not the owner of the file/directory and is also not in the owning group.

Some people call it ‘world’ permissions.

Understanding File permissions in Linux:

There are three types of file permissions in Linux: Read, Write and Execute. These permissions are defined separately for User, Group and Others.

Read: On a regular file, the read permission bit means the file can be opened and read. On a directory, the read permission means you can list the contents of the directory.

Write: On a regular file, this means you can modify the file, that is, write new data to it. In the case of a directory, the write permission means you can add, remove, and rename files in the directory.

This means that if a file has the write permission bit, you are allowed to modify the file’s contents, but you’re allowed to rename or delete the file only if the permissions of the file’s directory allow you to do so.

Execute: In the case of a regular file, this means you can execute the file as a program or a shell script. On a directory, the execute permission (also called the “search bit”) allows you to access files in the directory and enter it, with the “cd” command, for example.

However, note that although the execute bit lets you enter the directory, you’re not allowed to list its contents, unless you also have the read permissions to that directory.
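The rules above can be checked on a scratch directory. The following is an added example, not part of the original post: it sets the modes discussed above and records which operations the kernel allows. The directory and file names are hypothetical, and the script acts as the owner of everything it creates, so it is the owner triple that applies.

```python
import os
import tempfile

def attempt(op):
    """Run op() and report whether the kernel allowed it."""
    try:
        op()
        return "allowed"
    except PermissionError:
        return "denied"

def append_to(path):
    with open(path, "a") as fh:
        fh.write("more\n")

def permission_demo():
    """Try file operations under different file and directory modes."""
    out = {}
    with tempfile.TemporaryDirectory() as top:
        d = os.path.join(top, "shared")  # hypothetical directory and file names
        a, b, c = (os.path.join(d, n) for n in ("a.txt", "b.txt", "c.txt"))
        os.mkdir(d)
        for path in (a, b, c):
            with open(path, "w") as fh:
                fh.write("data\n")
            os.chmod(path, 0o644)
        try:
            # Read-only file inside a writable directory (rwxr-xr-x).
            os.chmod(a, 0o444)
            os.chmod(d, 0o755)
            out["modify r--r--r-- file"] = attempt(lambda: append_to(a))
            out["delete r--r--r-- file"] = attempt(lambda: os.remove(a))
            # Writable file inside a directory without write (r-xr-xr-x).
            os.chmod(d, 0o555)
            out["modify file, dir r-x"] = attempt(lambda: append_to(b))
            out["delete file, dir r-x"] = attempt(lambda: os.remove(b))
            # Read without execute (r--), then execute without read (--x).
            os.chmod(d, 0o444)
            out["list dir r--"] = attempt(lambda: os.listdir(d))
            out["open file, dir r--"] = attempt(lambda: open(c).close())
            os.chmod(d, 0o111)
            out["list dir --x"] = attempt(lambda: os.listdir(d))
            out["open file, dir --x"] = attempt(lambda: open(c).close())
        finally:
            os.chmod(d, 0o755)  # restore so the scratch directory can be removed
    return out

if __name__ == "__main__":
    for operation, result in permission_demo().items():
        print(f"{operation:24} {result}")
```

Run it as a normal user: root bypasses these permission checks, so every operation is reported as allowed.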

Viewing file permissions in Linux:

You can list directory contents with the “ls” command, but to see the permissions of the contents you need a long listing of the directory with the “ls -l” or “ll” command (“ll” is a shell alias on many distributions).

The following shows the output of each listing type.

haris@harisaltaf-vaio:~/Downloads$ ls
DBs.zip images.jpg pc2-9.1.6.rar Scraper dl
haris@harisaltaf-vaio:~/Downloads$
haris@harisaltaf-vaio:~/Downloads$
haris@harisaltaf-vaio:~/Downloads$
haris@harisaltaf-vaio:~/Downloads$ ls -l
total 2276
-rw-r--r-- 1 haris haris 19527 2011-12-02 18:09 DBs.zip
-rw-r--r-- 1 haris haris 4712 2011-12-20 14:19 images.jpg
-rw-r--r-- 1 haris haris 2295246 2011-12-23 21:41 pc2-9.1.6.rar
drwxr-xr-x 2 haris haris 4096 2011-12-09 18:16 Scraper dl
haris@harisaltaf-vaio:~/Downloads$
haris@harisaltaf-vaio:~/Downloads$
haris@harisaltaf-vaio:~/Downloads$
haris@harisaltaf-vaio:~/Downloads$ ll
total 2284
drwxr-xr-x 3 haris haris 4096 2011-12-23 21:43 ./
drwxr-xr-x 55 haris haris 4096 2011-12-31 14:16 ../
-rw-r--r-- 1 haris haris 19527 2011-12-02 18:09 DBs.zip
-rw-r--r-- 1 haris haris 4712 2011-12-20 14:19 images.jpg
-rw-r--r-- 1 haris haris 2295246 2011-12-23 21:41 pc2-9.1.6.rar
drwxr-xr-x 2 haris haris 4096 2011-12-09 18:16 Scraper dl/
haris@harisaltaf-vaio:~/Downloads$

What does the long listing output mean? The first column, with values like drwxr-xr-x, shows the file permissions. The second column, an integer value, shows the number of links to the file. The third column shows the file owner. The fourth column shows the owner group. The fifth column shows the size of the file in bytes. The sixth column shows the file’s last modification date and time. The seventh column shows the file name.


The first column, which shows the file permissions, is organised into four parts, divided as d rwx r-x r-x. The first part shows the file type. The second part shows the Owner permissions. The third part shows the Group permissions. The fourth part shows the Other permissions.

File Types:

d = directory
- = regular file
l = symbolic link
b = block device file
p = named pipe
c = character device file
s = Unix domain socket

Permission character Meaning:

r = read permission
w = write permission
x = execute permission
- = no permission
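As an added example (not part of the original post), the following parser splits a long-listing line into the four parts and the columns described above, and reports entries whose Group or Others class can write. It assumes the two-field date and time format shown in the listing above, and it also derives the octal form of the permissions (r=4, w=2, x=1), which this post does not cover; the notes.txt line is constructed.

```python
import re
from collections import namedtuple

# File type characters as listed above.
FILE_TYPES = {"d": "directory", "-": "regular file", "l": "symbolic link",
              "b": "block device file", "p": "named pipe",
              "c": "character device file", "s": "Unix domain socket"}

Entry = namedtuple("Entry", "file_type owner_perms group_perms other_perms "
                            "octal owner group size name")

# Columns: mode, links, owner, group, size, date, time, name.
# Assumes the two-field date/time shown in the listing above; the name
# is captured last so that names containing spaces stay intact.
LINE_RE = re.compile(
    r"^([dlbpcs-])([r-][w-][x-])([r-][w-][x-])([r-][w-][x-])\s+"
    r"\d+\s+(\S+)\s+(\S+)\s+(\d+)\s+\S+\s+\S+\s+(.+)$")

def parse_long_listing(line):
    """Split one `ls -l` line into type, per-class permissions and metadata."""
    m = LINE_RE.match(line.strip())
    if m is None:  # "total N", shell prompts, or characters not listed above
        return None
    ftype, user, group_p, other, owner, group, size, name = m.groups()
    # Octal form: r=4, w=2, x=1, summed per class (rwxr-xr-x -> 755).
    octal = "".join(str(sum(v for c, v in zip(t, (4, 2, 1)) if c != "-"))
                    for t in (user, group_p, other))
    return Entry(FILE_TYPES[ftype], user, group_p, other, octal,
                 owner, group, int(size), name)

def writable_by_non_owner(listing):
    """Names of entries whose Group or Others class has the write bit."""
    entries = filter(None, map(parse_long_listing, listing.splitlines()))
    return [e.name for e in entries
            if "w" in e.group_perms or "w" in e.other_perms]

# Lines from the listing above, plus one constructed entry (notes.txt).
SAMPLE = """total 2276
-rw-r--r-- 1 haris haris 19527 2011-12-02 18:09 DBs.zip
drwxr-xr-x 2 haris haris 4096 2011-12-09 18:16 Scraper dl
-rw-rw-rw- 1 haris haris 120 2011-12-24 10:00 notes.txt"""

if __name__ == "__main__":
    for e in filter(None, map(parse_long_listing, SAMPLE.splitlines())):
        print(e.octal, e.file_type, repr(e.name))
    print("writable by non-owner:", writable_by_non_owner(SAMPLE))
```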

To see how to set file permissions in Linux, see my next post.