August 15 2022

Linux file permissions and permissions: read, write, execute.

How do file permissions work on Linux and how should they be set for security reasons?

Linux File Permissions

Linux permissions allow you to set security levels for different users. Linux allows you to define access levels for individual files, specify attributes and tighten security. This way you can provide granular permission levels and improve file security.

Linux allows you to choose between different file permissions for each type of user, but they can generally include a combination of:

  • Read
  • To write
  • To execute

Before we talk about Linux file permissions, let's talk about the different types of users.

Linux users 

The three types of users include:

  • Owners
  • Groups
  • Others

Owner

Owners include those who create the file.

Group

Groups generally include different users with the same Linux permissions. For example, the owner can provide read information to a specific group instead of manually granting permission to each user.

Others

This includes any other users who can access the file. These are typically users who have not created the file, nor are they part of a group with specific permissions. So, if you have set permissions for “others”, they will be applied to this group.

Understanding Linux permissions

Now, as mentioned earlier, any file or directory can be assigned any of the three permissions discussed below.

Read (r)

Read permission gives users the ability to open and read a file. If read permission is assigned to a directory, users will be able to list all of its contents.

Write (w)

Write permission allows users to change the contents of a directory or file. This allows a user to add, remove, rename or modify the file as they see fit.

For example, if you need to write permissions for a file, but not for the directory, you will not be able to rename or remove the file from the directory. You will only be able to make changes to the content of the file itself.

Run (x)

This allows the user to run the file. Basically, with this permission, you can run the file.

Linux permissions example

For example, if the file name is:

ls -l example_file

The first character tells you the file type. It could be a directory (d), a normal file (-) or a symbolic link (l). The output of this file provides the following permissions:

-rw-w-r- 

In the first part, you can see that the owner of the file has both the permissions of reading that of writing . Hence, the group has only the permission of writing and all others have only the permission of reading.

How to change Linux file permissions

The chmod command is commonly used to change the permissions of Linux files. Any user with sudo, root, and owner privileges of the file is able to change the permissions of the file. When using the symbolic format, here is the format you can use to change the permission of the file:

chmod [OPTIONS] [ugoa] [-+=] perms...[,...] filename...

In this format, the first set of flags simply indicates the user classes for which you want to change permissions. These include:

  • The owner (u)
  • Group (g)
  • Other users (o)
  • All users (a)

The next set of flags defines whether to add (+), remove (-) or change existing permissions to specific permissions (=).

For example, if the command is:

chmod -r o-x example_file  

It will remove the execute permission for all other users.

Absolute mode

Also known as numeric mode, file permissions in this mode are represented by a three-digit number rather than a series of characters. Here are the numerical values ​​for your understanding:

0 = No authorization

1 = Run

2 = Write

3 = Run and write

4 = Read

5 = Read + Run

6 = Read + Write

7 = Read + Write + Run

So, if you were to use the following command:

chmod 754 example_file

Basically you will change the file permissions as follows:

  • Owner: read, write and execute (7)
  • Group: Read and execute (5)
  • All others: Read only (4)

Conclusion

We hope you find this simple Linux permissions guide useful. Note that the chmod command allows you to change permissions, as long as you have sudo privileges or are the owner of the file.

Do you have doubts? Don't know where to start? Contact us!

We have all the answers to your questions to help you make the right choice.

Chat with us

Chat directly with our presales support.

0256569681

Contact us by phone during office hours 9:30 - 19:30

Contact us online

Open a request directly in the contact area.

INFORMATION

Managed Server Srl is a leading Italian player in providing advanced GNU/Linux system solutions oriented towards high performance. With a low-cost and predictable subscription model, we ensure that our customers have access to advanced technologies in hosting, dedicated servers and cloud services. In addition to this, we offer systems consultancy on Linux systems and specialized maintenance in DBMS, IT Security, Cloud and much more. We stand out for our expertise in hosting leading Open Source CMS such as WordPress, WooCommerce, Drupal, Prestashop, Joomla, OpenCart and Magento, supported by a high-level support and consultancy service suitable for Public Administration, SMEs and any size.

Red Hat, Inc. owns the rights to Red Hat®, RHEL®, RedHat Linux®, and CentOS®; AlmaLinux™ is a trademark of AlmaLinux OS Foundation; Rocky Linux® is a registered trademark of the Rocky Linux Foundation; SUSE® is a registered trademark of SUSE LLC; Canonical Ltd. owns the rights to Ubuntu®; Software in the Public Interest, Inc. holds the rights to Debian®; Linus Torvalds holds the rights to Linux®; FreeBSD® is a registered trademark of The FreeBSD Foundation; NetBSD® is a registered trademark of The NetBSD Foundation; OpenBSD® is a registered trademark of Theo de Raadt. Oracle Corporation owns the rights to Oracle®, MySQL®, and MyRocks®; Percona® is a registered trademark of Percona LLC; MariaDB® is a registered trademark of MariaDB Corporation Ab; REDIS® is a registered trademark of Redis Labs Ltd. F5 Networks, Inc. owns the rights to NGINX® and NGINX Plus®; Varnish® is a registered trademark of Varnish Software AB. Adobe Inc. holds the rights to Magento®; PrestaShop® is a registered trademark of PrestaShop SA; OpenCart® is a registered trademark of OpenCart Limited. Automattic Inc. owns the rights to WordPress®, WooCommerce®, and JetPack®; Open Source Matters, Inc. owns the rights to Joomla®; Dries Buytaert holds the rights to Drupal®. Amazon Web Services, Inc. holds the rights to AWS®; Google LLC holds the rights to Google Cloud™ and Chrome™; Microsoft Corporation holds the rights to Microsoft®, Azure®, and Internet Explorer®; Mozilla Foundation owns the rights to Firefox®. Apache® is a registered trademark of The Apache Software Foundation; PHP® is a registered trademark of the PHP Group. CloudFlare® is a registered trademark of Cloudflare, Inc.; NETSCOUT® is a registered trademark of NETSCOUT Systems Inc.; ElasticSearch®, LogStash®, and Kibana® are registered trademarks of Elastic NV Hetzner Online GmbH owns the rights to Hetzner®; OVHcloud is a registered trademark of OVH Groupe SAS; cPanel®, LLC owns the rights to cPanel®; Plesk® is a registered trademark of Plesk International GmbH; Facebook, Inc. owns the rights to Facebook®. This site is not affiliated, sponsored or otherwise associated with any of the entities mentioned above and does not represent any of these entities in any way. All rights to the brands and product names mentioned are the property of their respective copyright holders. Any other trademarks mentioned belong to their registrants. MANAGED SERVER® is a trademark registered at European level by MANAGED SERVER SRL, Via Enzo Ferrari, 9, 62012 Civitanova Marche (MC), Italy.

Back to top