Linux file permissions in a nutshell

Engineering Sep 28, 2016

Every file and directory in linux have their own permissions. They decide what a user can do with them, inform the same to system.

In a nutshell, a file/directory lets a user do either of:
read (r), write (w) and execute (x).

For files:

  • read -- user can read contents of file.
  • write -- user can edit/write to file. Also, this lets user delete the file.
  • execute -- user can execute the file as a script (something like bash command)

For directories:

  • read -- user can read contents of directory.
  • write -- user can create a new file in the directory or rename the file or delete the file. Also, this lets user delete the directory.
  • execute -- user can cd to directory. Yes, user can't do it with only read permission.

Now, how do file/folder specify which users can access what?

Answer lies in users(u), groups (g) and others (o)

  • User - The owner of file/directory.
  • Group - All users added to these groups (yes, they can be multiple.) can do what they're permitted to do.
    Groups essentially determine how multiple users can access a file/directory.
  • Other - Those who have nothing specifically assigned.

Example walkthrough

To look for permissions of all files in a folder, run the command ls -la <folder_path>

Let's have a peek through of /var/www/ on the server where this website is hosted.

$ ls -al /var/www/
drwxr-xr-x  6 root     root     4096 Jun  1 22:01 .
drwxr-xr-x 13 root     root     4096 Apr 16  2015 ..
drwxr-xr-x 10 ghost    ghost    4096 Sep 19 00:35 ghost
drwxr-xr-x  3 srujan   srujan   4096 Sep 23 06:52 html
  • drwxr-xr-x translates to
    • d -- directory
    • "rwx" -- owner can read, write, execute.
    • "r-x" -- Group can read, can't write, execute.
    • "r-x" -- Others can read, can't write, execute.
  • 6, 13, 10, 3 are respective number of hardlinks.
  • root root/ ghost ghost / srujan srujan says owner group
    By default, user who creates the file owns it.
  • 4096 -- size of file/directory in bytes
  • The rest are timestamps.
  • Filenames:
    • . -- Current directory.
    • .. -- Parent directory.
    • ghost -- Child directory.
    • html -- Another child directory

And other example where a file is present. Notice that d is not present in the rules.

$ ls -al /var/www/html/
total 16
drwxr-xr-x 3 srujan srujan   4096 Sep 23 06:52 .
drwxr-xr-x 6 root   root     4096 Jun  1 22:01 ..
-rw-rw-r-- 1 srujan srujan     94 Sep 23 06:52 404.html

How to change permissions

Go through the manual of command chmod for understanding how to achieve desired permissions to a file/directory.


You should go to about section on this site.

Great! You've successfully subscribed.
Great! Next, complete checkout for full access.
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.