Monday, January 31, 2011

What are the File/Directory Permissions in Unix/Linux?

Every user on a Unix/Linux system has a unique username and is a member of at least one group. This group information is held in the password file, /etc/passwd. A user can also be a member of one or more other groups, which are listed in /etc/group. Only the administrator can create new groups or add or delete group members.

Every directory and file on the system has an owner, and also an associated group. It also has a set of permission flags which specify separate read, write and execute permissions for the owner, group and other.

The ls -l command shows the permissions and group associated with files.
The ls -g command shows the group information.

The permission flags are read as follows (left to right):

1         directory flag: 'd' if a directory, '-' if a normal file; something else may occasionally appear here for special devices
2,3,4     read, write, execute permission for User (Owner) of file
5,6,7     read, write, execute permission for Group
8,9,10    read, write, execute permission for Other

-    in any position means that flag is not set
r    file is readable by owner, group or other
w    file is writeable. On a directory, write access means you can add or delete files
x    file is executable (only for programs and shell scripts). On a directory, execute permission means you can list the files in that directory
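
The position table and flag letters above can be applied mechanically. The script below is an added example, not part of the original post: it splits a 10-character flag string by position and reports which permissions are set for owner, group and other. The function names and sample strings are constructed for illustration, and strings containing any other character in positions 2 to 10 are rejected as unsupported.

```shell
#!/bin/sh
# Added example: decode the 10-character flag string printed by `ls -l`.
# decode_triplet, decode_mode and the sample strings are constructed names/inputs.

# Turn one 3-character group such as "rw-" into a list of the flags that are set.
decode_triplet() {
    out=""
    case "$1" in r??) out="read" ;; esac
    case "$1" in ?w?) out="${out:+$out,}write" ;; esac
    case "$1" in ??x) out="${out:+$out,}execute" ;; esac
    printf '%s' "${out:-none}"
}

# Split the string by position: 1 = type, 2-4 = owner, 5-7 = group, 8-10 = other.
decode_mode() {
    mode=$1
    # Accept exactly 10 characters using only the flags described above.
    case "$mode" in
        ?[-r][-w][-x][-r][-w][-x][-r][-w][-x]) ;;
        *) echo "unsupported permission string: $mode" >&2; return 1 ;;
    esac
    type_flag=${mode%?????????}      # position 1
    rest=${mode#?}                   # positions 2-10
    owner=${rest%??????}             # positions 2-4
    rest=${rest#???}
    group=${rest%???}                # positions 5-7
    other=${rest#???}                # positions 8-10
    case "$type_flag" in
        d) kind="directory" ;;
        -) kind="file" ;;
        *) kind="special" ;;
    esac
    printf 'type=%s owner=%s group=%s other=%s\n' "$kind" \
        "$(decode_triplet "$owner")" "$(decode_triplet "$group")" \
        "$(decode_triplet "$other")"
}

# Constructed sample strings, as they would appear in the first column of ls -l.
decode_mode drwxr-xr-x
decode_mode -rw-r-----
```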