02. Files & Directory Permissions
Overview¶
Linux uses a permission system to control who can read, write, or execute files and directories. Understanding permissions is essential for:
-
System security
-
Shell scripting
-
File access control
-
Cybersecurity practices
Permission Structure¶
Each file/directory has permissions divided into three sections:
Displayed using:
Example Output¶
Breakdown¶
| Section | Meaning |
|---|---|
- |
File type (- file, d directory) |
rwx |
User permissions |
r-x |
Group permissions |
r-- |
Others permissions |
Permission Types¶
| Symbol | Value | Meaning |
|---|---|---|
r |
4 | Read |
w |
2 | Write |
x |
1 | Execute |
chmod — Change Permissions¶
The chmod command is used to modify file and directory permissions.
Method 1: Symbolic Mode¶
Syntax¶
User Types¶
| Symbol | Meaning |
|---|---|
u |
User (owner) |
g |
Group |
o |
Others |
a |
All |
Operators¶
| Operator | Meaning |
|---|---|
+ |
Add permission |
- |
Remove permission |
= |
Assign exact permission |
Examples¶
Assign full permission to user¶
Explanation
Gives read, write, and execute permission to the owner.
Add execute permission¶
Explanation
Adds execute permission for all users.
Remove write permission from group¶
Set read-only for others¶
Method 2: Octal (Numeric) Mode¶
Syntax¶
Where:
-
X → User permission
-
Y → Group permission
-
Z → Others permission
Permission Values¶
| Number | Permission |
|---|---|
| 0 | No permission |
| 1 | Execute |
| 2 | Write |
| 3 | Write + Execute |
| 4 | Read |
| 5 | Read + Execute |
| 6 | Read + Write |
| 7 | Read + Write + Execute |
Examples¶
Read-only for all¶
Full access to user, read-only to others¶
Breakdown
-
7 → rwx (user)
-
4 → r-- (group)
-
4 → r-- (others)
Common Permission Sets¶
| Mode | Meaning |
|---|---|
| 755 | Owner full, others read/execute |
| 644 | Owner read/write, others read |
| 700 | Owner full, no access to others |
Directory Permissions¶
Permissions behave slightly differently for directories:
| Permission | Meaning |
|---|---|
r |
List directory contents |
w |
Create/delete files |
x |
Enter/access directory |
Examples¶
Symbolic¶
Numeric¶
Recursive Permission Change¶
Explanation
-R→ applies changes to all files and subdirectories inside
chown — Change Ownership¶
Syntax¶
Example¶
Explanation
Changes file owner to subrat.
Change Owner and Group Together¶
chgrp — Change Group Ownership¶
Syntax¶
Example¶
Explanation
Assigns file to a specific group.
Important Notes¶
-
Only root or file owner can change permissions
-
Be cautious with
777(full access to everyone) -
Use least privilege principle in security environments
-
Always verify using:
Summary Table¶
| Command | Purpose |
|---|---|
chmod |
Change file permissions |
chmod -R |
Change permissions recursively |
chown |
Change file owner |
chgrp |
Change group ownership |
Conclusion¶
Understanding Linux permissions is critical for:
-
Securing systems
-
Managing access control
-
Writing safe scripts
-
Performing penetration testing
Mastering these concepts ensures proper control over files and prevents unauthorized access.