How Linux file permissions work

by on February 13, 2006 · 17 comments· last updated at September 11, 2007

Linux (and almost all other Unixish systems) have three user classes as follows:

  • User (u): The owner of file
  • Group (g): Other user who are in group (to access files)
  • Other (o): Everyone else

You can setup following mode on each files. In a Linux and UNIX set of permissions is called as mode:

  • Read (r)
  • Write (w)
  • Execute (x)

However, above three modes or permission have different meaning for file and directory:

Linux Read mode permissions

  • Read access on a file allows you to view file
  • Read access on a directory allows you to view directory contents with ls command

Write mode permissions

  • Write access on a file allows you to write to file
  • Write access on a directory allows you to remove or add new files

Execute mode permissions

  • Execute access on a file allows to run program or script
  • Execute access on a directory allows you access file in the directory

Octal numbers and permissions

You can use octal number to represent mode/permission:

  • r: 4
  • w: 2
  • x: 1

For example, for file owner you can use octal mode as follows. Read, write and execute (full) permission on a file in octal is
0+r+w+x = 0+4+2+1 = 7

Only Read and write permission on a file in octal is
0+r+w+x = 0+4+2+0 = 6

Only read and execute permission on a file in octal is
0+r+w+x = 0+4+0+1 = 5

Use above method to calculate permission for group and others. Let us say you wish to give full permission to owner, read & execute permission to group, and read only permission to others, then you need to calculate permission as follows:
User = r+w+x = 0+4+2+1 = 7
Group= r+w+x = 0+4+2+0 = 6
Others = r+w+x = 0+0+0+1 = 1

Effective permission is 761.

chmod command

To setup file permission you need to use chmod command:
chmod {mode} {file-name}

To setup file permission 761 you need to use chmod command as follows:
# chmod 0761 file
To setup a file readable by anyone and writable by the owner only:
# chmod 644 file
To setup a file readable/executable by everyone and writable by the owner only:
# chmod 755 file
You can change permissions for all files and directories within a directory by using the -R option on the chmod command. For example, to setup others read and execute access to all files and directories (and files and directories within directories), you need to type command as follows (i.e. change the modes of the file hierarchies rooted in the files instead of just the files themselves):
# chmod -R 755 directory-name/

Further readings

  1. Access rights: Linux's first line of defense
  2. Read chmod command man page for more information.


You should follow me on twitter here or grab rss feed to keep track of new changes.

Featured Articles:

{ 17 comments… read them below or add one }

1 Anonymous February 14, 2006 at 8:05 pm

What about sticky bits?

Reply

2 nixcraft February 14, 2006 at 11:32 pm

Okai I will post about sticky bit too :)

Reply

3 hari vishnu September 6, 2007 at 5:20 am

Hello,

Very useful thanks.

Reply

4 amit nehra December 6, 2007 at 3:17 am

is there any command which can restore the file permissions.
i just change permissions to few files & i don’t know the old permissions. any way to undo the chmod operation.
mail at nehra13@gmail.com

Reply

5 thakur ravi January 3, 2008 at 7:07 am

I have same trouble.
Pls send reply to
ravi.thakur@barco.com

Reply

6 irfan September 30, 2008 at 6:02 am

HI,

Q. Would like to know how to run file in linux? How to download yahoo messenger?

Reply

7 Gabriel October 23, 2009 at 6:40 am

thanks for the post

Reply

8 shishir June 9, 2011 at 11:06 am

What is meaning of execute when we implement on file.pls suggest

Reply

9 hmm July 21, 2011 at 5:52 am

755 means wrx, rx, rx, why then in centos i see with ls -la,
wrx-rx-x ??? others can only execute?

Reply

10 Santosh November 18, 2011 at 5:35 am

Nice one and easy to understand

Reply

11 Akshay January 16, 2012 at 8:30 am

Hello,

Can you please tell me how to change default umask for all user in centos or Redhat

Thanks
Akshay.

Reply

12 Vivek Gite January 16, 2012 at 8:38 am
13 seighalani April 6, 2012 at 8:09 am

hi dear

you made wrong in an example. please double check this part

“Use above method to calculate permission for group and others. Let us say you wish to give full permission to owner, read & execute permission to group, and read only permission to others, then you need to calculate permission as follows:
User = r+w+x = 0+4+2+1 = 7
Group= r+w+x = 0+4+2+0 = 6
Others = r+w+x = 0+0+0+1 = 1

Effective permission is 761.”

according your explanation answer is 754 not 761

Reply

14 NILESH August 27, 2012 at 4:59 am

how will access files/directories if i prompted another user?

Reply

15 bilkis January 10, 2013 at 6:29 am

You work as a Network Administrator for B The company has a Linux-based network.You are working on a Linux computer. You get the following listing on your computer:rwxr-xr-x 2 abc user 15 May 3 3:12 file92. How many hard links have been created for file92?

Reply

16 mohammad March 11, 2013 at 5:50 am

hello

it’s very good thanks

Reply

17 Jack March 25, 2013 at 1:48 pm

Hi Thank you for this. But is there a way we could give a specific user Read Write permission to directories and its sub directories.The user is not the owner or not in a group ?

Reply

Leave a Comment

You can use these HTML tags and attributes for your code and commands: <strong> <em> <ol> <li> <u> <ul> <kbd> <blockquote> <pre> <a href="" title="">

Tagged as: , , , , ,

Previous Faq:

Next Faq: