File permissions are one of the great features of the Linux kernel. File permissions are what make this kernel secure.
We can define file permissions using various commands, and make a file available only to some users, to a group of users, or to none of the users.
We can also define which user can read, write or execute which file. In short, file permissions give you security! So let's learn about file permissions in Linux.
When you run commands like ‘ls -l‘ or ‘ll‘ it will show you a detailed view of the files and their permissions.
Have you ever wondered what this ‘drwxrwxrwx‘ is? Why is it before each and every file and folder?
Well this shows the permissions of that file. Here,
‘d‘ stands for directory. If there is a ‘d’ it means that it is a directory, not a file. A file will have ‘-‘ in the ‘d’ position.
‘r‘ stands for read access. If ‘r’ is present, you can read that file.
‘w‘ stands for write access. If ‘w’ is present, you can write to that file.
‘x‘ stands for execute. If the file is an executable file, it will have an ‘x’ in it.
If a permission (rwx) has ‘-‘ in any of its places, it means you don’t have that particular permission. If there is a ‘-‘ in r‘s place, it means you can’t read that file. If there is a ‘-‘ in d’s place, it means it is not a directory.
Now you know what ‘d‘, ‘r‘, ‘w‘ and ‘x‘ stand for. But you may have noticed that after ‘d‘, the ‘rwx‘ permissions are written 3 times. Why? Well, because in that one line, the kernel defines the permissions for:
- The user who created that file.
- The group.
- Others.
Let's say a folder has permissions ‘drwxr-x--x‘. To read the permissions easily, you can cut this word into 4 pieces.
‘d | rwx | r-x | --x‘
1st is ‘d‘. That means this is a directory.
2nd is ‘rwx‘. This says the directory and its files have read, write and execute access for the user who created it.
3rd is ‘r-x‘. This says that groups can read these files but can’t write to them. However, they can execute them.
4th is ‘--x‘. Since we have ‘--‘ in place of ‘rw’ we can say that others can only execute it.
Changing or Modifying Permissions.
What if you want to modify the permissions so that groups can also write to it, and others can only read it?
For this we use the ‘chmod’ command. To use chmod we need to know the octal values of these permissions.
Data can either be a directory or a file, and you can’t change a file into a directory. So there is no octal value for ‘d’.
The octal form of ‘r’ is 4.
The octal form of ‘w’ is 2.
The octal form of ‘x’ is 1.
To change permissions we write ‘chmod <permissions> <location of file>‘
If you want to give ‘rw’ access to user, groups and others, we will use:
‘chmod 666 /home/Vishu/Myfile‘
This gives users, groups and others a permission of 6 [4 (read) + 2 (write)] for the file ‘Myfile’.
To give full access, we use ‘chmod 777 /home/Vishu/Myfile‘ [4 (read) + 2 (write) + 1 (execute)]
To give ‘read, write, execute’ (4+2+1) to user, ‘read, write’ (4+2) to groups and execute (1) to others we use
‘chmod 761 /home/Vishu/Myfile‘
To change permissions of all the files inside a folder use ‘-R’ switch with chmod to apply permissions recursively.
When a new file is created, by default its permissions are ‘644’ as you can see here ‘-rw-r--r--‘
When a new directory is created, its default permissions are ‘755’ as you can see here ‘drwxr-xr-x‘
Can you change the default permission?
Yes. As Linux is Open Source, it gives you freedom to change everything.
How is this default Permission set?
Well, when you create a file or directory, its permissions are 666 i.e. (rw-rw-rw-) and 777 i.e. (rwxrwxrwx) respectively. But there is a setting named umask which has 4 digits in it.
The default umask value is ‘0022’, where the last three digits, here ‘022’, set the permissions. Umask is present in ‘/etc/profile‘. Use any editor if you want to change it.
So when a file is created, its permission is 666 (since a file cannot be executed), and 022 is subtracted from this permission. So ‘666-022 = 644’, which is the default permission.
Similarly, when a directory is created, its permission is 777, and subtracting the umask gives ‘777-022 = 755’, which is the default permission.
Changing the 022 value can alter the default permissions of files and directories.
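The calculation above, as an added example that is not part of the original article: these shell functions treat the umask as a set of permission bits to clear (base AND NOT umask), which matches the subtraction for 022 and also covers masks such as 033, where the result for a file is still 644 rather than 633. The function names and the sample umask values are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: how the umask shapes the mode of new files and directories.

# default_mode BASE UMASK: clear from BASE (666 for files, 777 for
# directories) every permission bit that is set in UMASK, i.e. BASE & ~UMASK.
default_mode() {
    printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# symbolic MODE: render a three-digit octal mode the way 'ls -l' prints it.
symbolic() {
    out=
    for d in $(printf '%s\n' "$1" | sed 's/./& /g'); do
        r=-; w=-; x=-
        [ $(( $d & 4 )) -ne 0 ] && r=r
        [ $(( $d & 2 )) -ne 0 ] && w=w
        [ $(( $d & 1 )) -ne 0 ] && x=x
        out=$out$r$w$x
    done
    printf '%s\n' "$out"
}

# created_mode UMASK KIND: create a file (or a directory when KIND is "dir")
# under UMASK in a scratch directory and print the rwx string ls reports.
created_mode() {
    (
        tmp=$(mktemp -d) || exit 1
        umask "$1"
        if [ "$2" = dir ]; then mkdir "$tmp/new"; else : > "$tmp/new"; fi
        ls -ld "$tmp/new" | cut -c2-10
        rm -rf "$tmp"
    )
}

# Constructed sample umasks: the article's 022 plus three tighter values.
for mask in 022 027 033 077; do
    f=$(default_mode 666 "$mask"); d=$(default_mode 777 "$mask")
    printf 'umask %s  file %s (%s)  dir %s (%s)  created file: %s\n' \
        "$mask" "$f" "$(symbolic "$f")" "$d" "$(symbolic "$d")" \
        "$(created_mode "$mask")"
done
```

A umask of 027 or 077 is the usual choice when new files should not be readable by others.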