« Back to Linux file permissions

Introduction in Linux file permissions

Every file that is stored has a set of file permissions stored within the filesystem. This data about the actual data, is called meta-data. Let have a look at how file permissions work on Linux systems and how to read and understand them.

Read, Write, and Execute

Linux file permissions are divided into three main categories:

  • Read (r): Allows users to view the contents of a file or directory
  • Write (w): Grants users the ability to modify the contents of a file or directory
  • Execute (x): Enables users to execute a file or access the contents of a directory

User, Group, and Others

These permissions are each assigned to three entities:

  • User (u): The user who owns the file or directory, or the owner of the file
  • Group (g): A collection of users who share common permissions
  • Others (o): Everyone else who is not the owner or a member of the group

So in total we have three sets of file permissions, one for these three entities.

Representation of the file permissions

In Linux, permissions are represented by a series of ten characters. The first character indicates the type of file (e.g., regular file, directory, or symbolic link). The remaining nine characters represent the permissions for the owner, group, and others. These nine characters are grouped into sets of three, each indicating the read, write, and execute permissions, respectively.

For example, the permission string drwxr-xr-- can be explained as:

  • d: Directory
  • rwx: Read, write, and execute permissions for the owner.
  • r-x: Read and execute permissions for the group.
  • r--: Read-only permissions for others.

Numeric representation

While the symbolic representation of permissions is intuitive, Linux also offers a numeric representation that simplifies permission management. Each permission is assigned a numeric value:

PermissionAbbreviationOctal value
Readr4
Writew2
Executex1

So how do we use these values? We simply add up the values of the individual permissions.

  • rwx (read, write, execute) = 4 (read) + 2 (write) + 1 (execute) = 7
  • rw- (read, write) = 4 (read) + 2 (write) = 6
  • r-x (read, execute) = 4 (read) + 1 (execute) = 5
  • r-- (read-only) = 4 (read)

Let’s have a look at a practical example. Suppose we have a file named example.txt with the following permissions: -rw-r--r--

The numeric representation would be 644, as the owner has Read(4) + Write (2), the Group and Others only Read (4).

If you don’t want other users to have access to this file, you can use chmod to change the file permissions.

chmod 640 example.txt

Here are all the value combinations:

PermissionsOctal Value
---0
--x1
-w-2
-wx3
r--4
r-x5
rw-6
rwx7

With this introduction into file systems, it is time to move to the next step!

Feedback

Small picture of Michael Boelen

This article has been written by our Linux security expert Michael Boelen. With focus on creating high-quality articles and relevant examples, he wants to improve the field of Linux security. No more web full of copy-pasted blog posts.

Discovered outdated information or have a question? Share your thoughts. Thanks for your contribution!

Mastodon icon