Permissions

Tarih: 2026-06-15 | Kategori: Linux

Etiketler: Linux

Just like in other operating systems, multiple user accounts can be created on Linux, and these users can share the same system. However, when different users share the same system, privacy issues can easily arise. For instance, one user may not want others to view, edit, or delete their files.

We can address this issue with permissions that can be defined at the file and directory level.

To view the permissions for a file or directory, we can use the `-l` parameter of the `ls` command, as discussed in previous sections.

root@hackerbox:~$ ls -l notes.txt


-rwxr--r-- 2 john development 4096 Jul 29 12:34 notes.txt

The columns in the output obtained with the `-l` parameter of the `ls` command are as follows:

  • `-` or `d`: File type. If it's a directory, it's shown as `d`, if it's a regular file, it's shown as `-`. In this example, it's `-`, so it's a regular file.
  • `rwxr--r--`: File permissions.
  • `2`: Number of hard links to the file/directory.
  • `john`: Owner of the file/directory.
  • `development`: Group owner of the file/directory.
  • `4096`: Size of the file or the block count used to store directory information.
  • `Jul 29 12:34`: Creation or last modification date of the file/directory.
  • `notes.txt`: Name of the file/directory.

    • Understanding Permissions

    [Image of Linux file permissions structure rwxrwxrwx explained]

    The file permissions (`rwxr--r--`) given in the example above can be thought of as three different sets of permissions consisting of 9 characters in total. Each set of three characters represents the user, group, and others permission sets.

    --- --- ---
rwx rwx rwx
user group others

    `r`, `w`, `x`, and `-` Characters

  • `r` (read): Represents read permission, i.e., the permission to read the contents of the file.
  • `w` (write): Represents write permission, i.e., the permission to write or modify the contents of the file.
  • `x` (execute): Represents execute permission, i.e., the permission to execute the file. The `x` permission is given only to executable programs (scripts or binaries).
  • If any of the `rwx` characters are replaced with `-`, it means that permission is not granted.

    • User, Group, and Others

  • user (u): User permissions concern only the owner of the file or directory.
  • group (g): Group permissions concern only the users who belong to the group assigned to the file or directory.
  • others (o): Other permissions concern all other users and groups on the system.

    • Reading Permissions

    First, let's divide the given permissions (`rwxr--r--`) into three distinct groups.

    rwx r-- r--
user group others

    It is seen that all permissions (read, write, and execute) are granted for the owner user (`rwx`). In other words, the owner of the file (the user named john) can read, modify, and execute this file. However, since this file is a text file, as indicated by its name, it will not execute even though it has execute permission (unless it's a script).

    For group permissions, only read permission is granted to the group assigned to the file (`r--`). Write and execute permissions are not granted, as indicated by the `-` character. Members of the `development` group, to which the file is assigned, have only read permission for this file.

    As for the permissions of other users and groups, it is also seen that only read permission is granted (`r--`). Again, write and execute permissions are not granted, as indicated by the `-` character. This means that all other users and groups on the system have only read permission for this file.

    Changing File and Directory Permissions

    To change file and directory permissions, use the `chmod` command. The first argument given to the `chmod` command indicates which permission set you want to change. You can specify the permission set with the `u`, `g`, or `o` options.

  • `u` (user): Owner user permissions
  • `g` (group): Group permissions
  • `o` (others): Other permissions
  • To change permissions for all sets simultaneously, you can use `ugo` (or `a` - all).

    • After specifying the first argument, you need to indicate whether you want to add or remove a permission. You can use the `+` or `-` options.

  • `+` : Adds permission
  • `-` : Removes permission

    • Lastly, you need to specify which permission you want to change (`r`, `w`, or `x`).

  • `r` (read): Read permission
  • `w` (write): Write permission
  • `x` (execute): Execute permission
  • You can also use the combination `rwx` (to grant multiple permissions at once).

    • Let's Do an Example to Understand It Better

    For instance, if we want to grant write permission to others for the file `notes.txt`, we start the command by indicating the permission set (`o` for others):

    root@hackerbox:~$ chmod o

    Then, we indicate whether we want to add or remove the permission. Since we want to add the permission, we use the `+` character.

    root@hackerbox:~$ chmod o+

    Lastly, we specify the permission (`w` for write).

    root@hackerbox:~$ chmod o+w

    Finally, we specify the file we want to modify, `notes.txt`, and execute the command. We then verify the changes with `ls -l`.

    root@hackerbox:~$ chmod o+w notes.txt
root@hackerbox:~$ ls -l notes.txt


    -rwxr--rw- 2 john development 4096 Jul 29 12:34 notes.txt

    As we can see, the permission set for others has been changed to `rw-`. Now, other users on the system can read and write to the file.

    Another Example (Bulk Assignment)

    You can also update multiple permissions and groups in a single command. For example, to grant all permissions (`rwx`) to all sets (`user`, `group`, `others`) for the file `notes.txt`, run the following command:

    root@hackerbox:~$ chmod ugo+rwx notes.txt
root@hackerbox:~$ ls -l notes.txt


    -rwxrwxrwx 2 john development 4096 Jul 29 12:34 notes.txt