Unix permissions - acarril/unix-servers GitHub Wiki

Understanding how Unix permissions work is really very easy, and it lets us stay safe while remaining flexible about what we share (and what we don't share) with the other users who can access the same server. So let's go.

tl;dr

This post is the tl;dr version of Unix permissions! Go read info coreutils 'chmod invocation' if you don't believe me.

Displaying permissions

We can easily check the permissions of all the files and subdirectories within a directory with the ls -l <directory> command. For example, we can inspect our home directory with

$ ls -l ~
total 4
drwxr-x--x. 3 acarril acarril   26 Dec 12  2019 ado
drwxrwxr-x. 3 acarril acarril  119 Jul  7 16:14 bin
drwxrwxr-x. 3 acarril acarril   44 Jul  6 17:15 GDrive
drwxr-xr-x. 2 acarril acarril   30 Jul  7 16:15 Public
drwxrwxr-x. 3 acarril acarril   53 Sep 12  2019 R
drwxrwxr-x. 3 acarril acarril   44 Jul  5 16:25 Repos
drwxrwxr-x. 3 acarril acarril   25 Sep 12  2019 rpm
-rw-rw-r--. 1 acarril acarril 3019 Dec 12  2019 termite.terminfo

A given entry of the output of ls -l has the following components (taken from this SE answer):

-rwxrw-r--    10    root   root 2048    Jan 13 07:11 file.sh
?UUUGGGOOOS   00  UUUUUU GGGGGG ####    ^-- date stamp and file name are obvious ;-)
^ ^  ^  ^ ^    ^      ^      ^    ^
| |  |  | |    |      |      |    \--- File Size
| |  |  | |    |      |      \-------- Group Name (for example, Users, Administrators, etc)
| |  |  | |    |      \--------------- Owner Acct
| |  |  | |    \---------------------- Link count (what constitutes a "link" here varies)
| |  |  | \--------------------------- Alternative Access (blank means none defined, anything else varies)
| \--\--\----------------------------- Read, Write and Special access modes for [U]ser, [G]roup, and [O]thers (everyone else)
\------------------------------------- File type flag

Understanding the permissions column

The first column of the ls -l output is what we're interested in, as it summarizes the permissions of a given entry. Unix file and directory permissions form a 3×3 structure: three types of permission (read, write and execute), each available to three classes of user (user, group and others). What each permission means depends on whether the entry is a directory or a file:

| | Directories | Files |
|---|---|---|
| Read | List files and folders in directory | Read contents of file |
| Write | Create files and subdirectories in directory | Write/modify contents of file |
| Execute | Enter the directory | Execute file as program or script |
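
As an added example (not part of the original wiki or the linked SE answer), these POSIX shell functions decode the permissions column of an ls -l entry into its octal mode and check whether "others" can write. The example goes slightly beyond the 3×3 structure above by also handling the setuid, setgid and sticky letters (s, S, t, T); the function names mode_to_octal, triad_value and others_can_write are hypothetical.

```shell
#!/bin/sh
# Added example: decode the permissions column of an `ls -l` entry.
# Function names are hypothetical; sample modes come from the listings above.

# triad_value TRIAD -> one octal digit (r=4, w=2, x=1).
# Lowercase s/t mean "execute plus a special bit"; uppercase S/T mean the
# special bit is set without execute, so they add nothing here.
triad_value() {
    v=0
    case $1 in r??) v=$((v + 4)) ;; esac
    case $1 in ?w?) v=$((v + 2)) ;; esac
    case $1 in ??[xst]) v=$((v + 1)) ;; esac
    echo "$v"
}

# mode_to_octal MODE -> octal mode, e.g. drwxr-x--x. -> 751
mode_to_octal() {
    # Drop the file type flag (char 1) and any trailing alternative-access
    # marker (char 11); keep the nine user/group/others characters.
    perms=$(printf '%s' "$1" | cut -c2-10)
    case $perms in
        [r-][w-][xsS-][r-][w-][xsS-][r-][w-][xtT-]) ;;
        *) echo "invalid mode string: $1" >&2; return 1 ;;
    esac
    u=$(printf '%s' "$perms" | cut -c1-3)
    g=$(printf '%s' "$perms" | cut -c4-6)
    o=$(printf '%s' "$perms" | cut -c7-9)
    special=0   # setuid=4, setgid=2, sticky=1
    case $u in ??[sS]) special=$((special + 4)) ;; esac
    case $g in ??[sS]) special=$((special + 2)) ;; esac
    case $o in ??[tT]) special=$((special + 1)) ;; esac
    out="$(triad_value "$u")$(triad_value "$g")$(triad_value "$o")"
    if [ "$special" -gt 0 ]; then out="$special$out"; fi
    echo "$out"
}

# others_can_write MODE -> exit status 0 when "others" hold write permission
others_can_write() {
    case $(printf '%s' "$1" | cut -c9) in w) return 0 ;; *) return 1 ;; esac
}

# Modes taken from the page, then two constructed ones with special bits.
for m in 'drwxr-x--x.' '-rw-rw-r--.' '-rwxrw-r--' 'drwxrwxrwt' '-rwsr-xr-x'; do
    printf '%-12s %s\n' "$m" "$(mode_to_octal "$m")"
done
```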
