File and Folder Permissions in Linux

In a typical UNIX/LINUX-style file listing, a file will be displayed in the following way:


# ls -la


-rwxr-xr--   1 user group     40 Jan  1 11:35 file.txt

The first symbol (“-“) represents the type of file. In this case, it is a regular file; directories have a “d” there. The file permissions determine what type of access to that file an authenticated user has. Permissions are summarized in the following way:

rwxr-xr–

r stands for read permission;
w stands for write permission;
x stands for execute permission.

The permissions are divided into three parts:

The first three characters (rwx) are for owner permissions. The owner of the file, the user “user”, can read the file, write (modify) it, and execute it, in case it is executable.

The next three characters (r-x) are for group permissions. Members of the group “group” can read the file and execute it, in case it is executable.

The last three characters (r–) are for other (world) permissions. These are the permissions for everyone else on the system. Users other than “user” who are not members of the “group” group can only read the file.

For directories, the permissions have a slightly different meaning.

For example:


# drwxr-x---   1 user group   4096 Jan  1 12:36 data/

Read determines if the user can get a list of the files in the directory;

Write determines if the user can create or delete files in the directory. A point of interest in this case is that if a user has write access to the directory, the user can delete files that are in that directory even if the username has no write permissions for the particular files;

Execute determines if the user can cd into the directory.

To summarize:

In this case, the owner, user, can do just about anything in the directory. Members of the group staff can list the contents of the directory and browse it. No one else is allowed access to the directory. Permissions are also often represented by digits. For example, 755 is the same as rwxr-xr-x.

The permission bits correspond to a certain number: 4 stands for r, 2 for w, 1 for x.

The reason for this is that in binary 100 (r–) is 4 in decimal; 10 (or 010, -w-) in binary is 2; and 1 (or 001, –x) in binary is 1 in decimal.

This allows for adding the numbers together, which can give a number from 0 to 7 for each of the three parts of the permissions set.