Each file and directory has a set of nine permission bits associated with it. You can see these bits by doing an ls -l command. The nine bits are grouped into three sets of three. The first three pertain to the user who owns the file. The middle three pertain to users in the same group as the file (but who do not own the file). The final three pertain to all other users. The possible permissions are read (r), write (w), and execute (x). Thus a file's permissions might be:
rwxr-x---
This means that the owner can read, write, and execute the file. People in the same group as the file can read and execute it, but not write to it. Everybody else has no access to the file.
When you talk about a file's permissions (or "mode" as it's often called), you often use a three digit octal number to represent the permission bits. For example
rwxr-x--- Mode = 750 (111,101,000)
Here are some common permissions as applied to files.
rwxrwxrwx (777) Everybody can do anything. rwx------ (700) The owner can do anything. rwxr-x--- (750) People in the group have access. r--r--r-- (444) Read only. rw------- (600) Not a program. Owner only. rw-r----- (640) Not a program. Group has access.
For directories, the meaning of the bits is slightly different.
Table 1.2. Directory Permissions
r | You can read the directory. You need this to get a directory listing with the ls command. |
w | You can write the directory. You need this to create files, or links in the directory. You need this to delete files in the directory. You can delete a file you cannot access if you have (w) permission to the directory!! |
x | You can search the directory. You need this to look up a name in a directory. |
For example suppose you did cp /home/me/afile.txt /home/you. For this
to work, you need (x) access to the root directory so you can look up the name "home". You
need (x) access to the /home
directory so you can look up the name
"me". You need (x) access to /home/me
so you can look up the name
"afile.txt". You need (r) access to /home/me/afile.txt
so you can open
the file for reading. You need (w) access to /home/you
so you can
create a directory entry for the new file.