Understanding Linux permissions might seem like a near-impossible task—what does 
There are two levels of permissions assigned to the files, directories, and processes in Linux. The first one is permission groups, which is otherwise referred to as the ownership. The second one is permission types, which can be
755 or u=rwx,g=rw,o=r mean, and what in the world is chmod drwxr-xr-x, anyway?—but it’s actually easier than you think. Let’s take a look.
Linux is a multi-user operating system that can be accessed by many users simultaneously. This might make you to think that a user can manipulate files and directories of another user, but all Linux operating systems protect filesystems under two levels of authorization—ownership and permission—to prevent unauthorized access to the filesystem in an effective and easy manner.
Owners of files, directories, and processes
Before we try to explore who are the owners of files and directories, let’s get an overview of user types in Linux. In Linux, there are two types of users, system users and regular users. System users are created by the operating system itself and are used to manage background processes. We generally create regular users to create and run processes interactively through a GUI or terminal. Besides these two types of users, there is a superuser by the nameroot, which has access to entire system to manage and override any settings in the system.
In Linux, the owners of the files, directories and processes will be assigned to these three types of users: regular, system, or root. Before we try to explore what permissions can be assigned to these three types of users, let’s try to understand the types of permission that are available in Linux.
[cta_inline]
What Linux permissions types are there?
There are two levels of permissions assigned to the files, directories, and processes in Linux. The first one is permission groups, which is otherwise referred to as the ownership. The second one is permission types, which can be read, write, or execute.
Permission groups
For every file and directory in Linux, there are the sets of users for whom we specify permissions. They are:- Owners
- Groups
- Others
owners.
Groups: Groups refers to anyone who is in the same group as the owner.
Others: Any user who is neither the owner of the file/directory and doesn’t belong to the same group is assigned to others group.
Permission types
What operations can each of the above three user groups can do is defined bypermission types. There are three basic permission types that can be assigned to three groups of users and they are read (r) , write (w), and execute (x).
What do read, write and execute mean for files and directories ?
For files:- Read is the ability to view the contents of a file.
- Write is the ability to edit or delete a file.
- Execute is the ability to run a file as an executable program.
- Read is the ability to read the contents of a directory.
- Write is the ability to write into the directory, like creating files and sub-directories inside a directory.
- Execute is the ability to
cdinto the directory and to view the metadata of the files inside the directory usinglscommand.
How do I find the permissions of a file?
Let’s try to find the permissions of files and directories. To find the permissions that is already assigned to files or directories, usels command with -l switch.
$ ls -l
drwxr-xr-x 3 dd users 4096 Jun 10 08:01 Pictures
...
...
drwxrwxrwx, represents the permissions for all the three classes of users. Let’s try to understand what each of these letters means. The first character, d, signifies that the file is a directory. This position can be blank(-) or any of the following characters:
c: Character device
b: Block device
s: socket
p: pipe
D: Door
l: symbolic link etc.
dd can read, write, and execute to the folder Pictures.
Moving on to the next three characters (drwxr-xr-x), which is r-x, represents the group permissions. The users from users group can access the file according to the group permissions, which specify they can read and execute in the directory but cannot write into it. TheContinue reading this article
by subscribing to our newsletter.
Subscribe nowby subscribing to our newsletter.
A note about tutorials: We encourage our users to try out tutorials, but they aren't fully supported by our team—we can't always provide support when things go wrong. Be sure to check which OS and version it was tested with before you proceed.
If you want a fully managed experience, with dedicated support for any application you might want to run, contact us for more information.
