Unix Permissions
Unix Permissions allow you to protect your files from editing or moving. This page will help you further understand Unix file permissions and how to use them to your advantage for extra security.
What they are
Unix provides three forms of access to any file: read
(r
), write
(w
), execute
(x
).
The owner of a file can decide which access permissions the file has and which members of groups have that access. The three types of groups are: .u
for user, .g
for group and .o
for others.
The ls -l
command will show you the current permissions set for each file/folder. For example, if you put ls -l ~/playing
you might see a response like:
The ls -l
command will show the permissions granted to each class. For example, if you said ls -l ~/playing
you might see the response
-rwxrwx--- 1 johndoe student 311296 Jul 21 09:17 a.out
-rw-rw---- 1 johndoe student 82 Jul 21 09:12 hello.c
-rw-rw---- 1 johndoe student 92 Jul 21 09:13 hello.cpp
-rw-rw---- 1 johndoe student 85 Jul 20 15:27 hello.wc
Splitting these results into a table will give us:
Permissions | hard links | owner | group | id | date | name |
---|---|---|---|---|---|---|
-rwxrwx--- |
1 |
johndoe |
student |
311296 |
Jul 21 09:17 |
a.out |
For the permissions specifically, it takes the following structure
Directory/File | owner permissions | group permissions | others permissions |
---|---|---|---|
- |
rwx |
rwx |
--- |
The first character indicates if its a file (-
) or a folder (d
), the following three are owner, three after are for group and the remaining three are for others.
As previously discussed each of the characters show the permissions the file has.
Permissions set on a directory will set the permissions for the files within them
chmod
The chmod
command allows for you to change permissions on files.
It can be used as following:
chmod <person/group><+/-><permissions> <file/folder>
So if i were to for example make a file readable, editable and executable i would do:
chmod o+rwx file
use +
to add permissions and -
to remove them.
For folders, if you wish to change the permissions of the files within the folder, you would add the -R
tag:
chmod -R o_rwx folder
the
-R
stands for 'recursive'
umask
Another method of permissions is called 'umask' and this works numerically. it is a number consisting of 3 digits (base 8) where each digit is responsible for the person/group and the value of the number the permissions they have.
The numbers are calculated mathematically where each of the permissions has a different value:
read (r) | write (w) | execute (x) | |
---|---|---|---|
Weight: | 4 | 2 | 1 |
To set the permissions of a file you would use the command:
umask <.u><.g><.o> <file>
To find the digit to assign, you add all the 'weight' values as previously shown and subtract them from 7, so if i wanted to give myself the permission to read, write execute, group to have the permission to read and execute, and others no permission i would do the following:
umask 027 file
this notation also works for chmod, but from here you add them together and take that value, not subtract them from 7