File permissions in Unix are represented as a series of bits, like in the table below:
|rwx||rwx||rwx||111 111 111|
|rw-||rw-||rw-||110 110 110|
|rwx||—||—||111 000 000|
In binary they would look like this:
rwx = 111 in binary = 7
rw- = 110 in binary = 6
r-x = 101 in binary = 5
There are 3 sets of permissions: user, group, and other (also known as UGO). You can represent the 3 sets as a single digit to express the permissions.
Let’s set read and write permissions to a file named foo.txt for the owner.
However, let’s keep the file private from other users.
$ chmod 600 foo.txt
See below some common settings examples:
(rwxrwxrwx) No restrictions. Any user can do anything (read, write and execute) with the file.
(rwxr-xr-x) File’s owner can read, write, and execute the file. Other users may read and execute the file, this is a common permission for shared programs.
(rwx——) File’s owner may read, write, and execute the file. Other users don’t have rights. This is useful for private programs (owner only).
(rw-rw-rw-) All users may read and write from/to the file.
(rw-r–r–) The owner may read and write from/to the file, while all others may only read the file. This is a common permission for data files that everybody may read, but only the owner may change.
(rw——-) The owner may read and write from/to the file. All other users have no rights. This is a common permission for data files that the owner wants to keep private.
chmod is also used to control access permissions for directories. Again, the octal notation is used to set permissions, but the results of the r, w, and x attributes are different:
r - Contents of the directory can be listed if the x attribute is also set.
w - Files inside the directory can be created, deleted or renamed if the x attribute is also set.
x - The directory can be accessed (i.e. cd directory_name).
(rwxrwxrwx) No restrictions. Any user may list, create and delete files inside the directory.
(rwxr-xr-x) Grants full access to the directory owner. Other users may list the directory, but can’t create or delete files. This is a common setting for shared directories.
(rwx——) Grants full access to the directory owner. Other users don’t have any rights. This is common for private directories.
First published on October 18, 2016