Introduction to Linux File Permissions
The following article provides an outline for Linux File Permissions. Linux is a multi-user operating system, i.e. many users can access it simultaneously. Therefore, it can be used in servers and mainframes without any need for modification. Linux has great security features, but being a multi-user operating system, it is prone to a security threat. Unsolicited users may corrupt, remove or change important data. So it is necessary to avoid a user accessing any other user’s confidential or crucial files and data. To implement this security, permission must be granted before the user can access the file. Here permission specifies what a particular user can or cannot do with respective files and directories. These permissions help to create a secure environment for the users.
Linux File Permission
Linux systems consist of a file control mechanism that determines who has the right to access a file and what steps or actions he/ she can perform on it. The file control mechanism has two components.
- Classes or Ownership: It refers to those who can access the particular file.
- Permissions: It refers to the actions that can be performed on the file by that particular user.
Classes or Ownership of Linux Files
There are three types of classes:
1. Owner or User
A person who creates a file is called a user or an owner of that particular file. User has no impact on the actions of other users. The ownership can be specifically transferred or granted to any other user also.
A group can have multiple users. Every user belonging to a particular group would have the same privileges and access permissions for a particular file. A group does not affect the actions of other groups. For example, consider your team is making a project, and every member of your team need to access the file, so instead of granting permissions to every member individually, you can create a group of all team members and grant permission to the group, i.e. every member belonging to that group can access that file.
It refers to all other users that can access the file. Setting permission for others refers to setting permission to the world. It simply refers to those who are not the owners or not in a group, i.e. the general public.
Permissions for Linux Files
For every file, there are three types of permissions that are applicable to all classes.
1. Read (r)
The read permission allows the user to open the file and read its contents. However, the user is not allowed to modify or change the contents of the file.
2. Write (w)
The write permission allows the user to modify or change the contents of the file.
3. Execute (x)
This permission allows the user to execute the program or the code. If a user is not permitted to execute, then he/ she may read or modify code, but they would not be able to execute it.
- _: No permission
- d: Directory
- l: The file is a symbolic link
- s: This indicates setuid/ setgid permissions. These permissions are used to announce to the system to run an executable as an owner with the respective owner’s permission.
- t: This refers to sticky bit permissions. These permissions restrict the renaming and deletion of a file, i.e. only the owner can delete or rename the particular file.
There are some cases for the permissions that are most frequent.
- rwx: This is the permission that allows the user to read, write, and execute the program. Execute permission is applicable only is the file is a program.
- rw-: This is the permission that allows the user to read and modify the contents of the file, but the user does not have the authority to execute it.
- r-x: This is the permission that allows the user to read and execute the program, but he has no authority to make modifications to the program code.
- r–: This permission allows the user only to read the contents of the file. He/ she is neither allowed to modify the file nor execute it (in case it is a program).
Now lets us see how to read the permissions that appeared on the terminal.
The ls – l command gives the file type and access permissions related to a particular file.
The above screenshot depicts the file permissions.
- The first – depicts that a file is selected.
- Then there are nine characters in which r refers to read permission, w refers to write permission, x refers to execute permission and – refers to no permission.
- The first three characters depict the permission given to the owner. For example, in the above screenshot, rw- refers that the owner can read the contents of the file, change or modify the file but cannot execute it.
- The next three characters depict the permission given to the group. For example, in the above screenshot, rw- refers that the group members can read the file, modify or change the file but cannot execute the file.
- The last three characters depict the permission given to the world or other users. For example, in the above screenshot, r- – shows that other users can only read the file. They can neither modify nor execute the file or program.
Changing Security Permission
1. We can change the permission by using chmod.
chmod [permission] [path]
Example: chmod o+x abc.txt (here + shows adding and – shows the removal of permission)
2. We can also change multiple permissions at a time.
Example: chmod ugo-rwx abc.txt
In this article, we have discussed the file permissions in Linux. This is to be kept in mind that the security of files is important. Malicious users will target the files and would try to change, remove or delete the file or its content. So setting the permission must be carefully done so that the tasks could run smoothly.
This is a guide to Linux File Permissions. Here we discuss an introduction to linux file permission, classes or ownership of linux files, advanced permissions, along with the example. You can also go through our other suggested articles to learn more –