Professional Documents
Culture Documents
46259263_Permissions in Linux
46259263_Permissions in Linux
Tejal Mungale
tejal-premdas.mungale@capgemini.com
Version Table:
1
Table of Content:
1. Preface 3
2. Content 3
3. System Requirements 4
4. Linux File Permissions 4-5
5. Procedure 6-8
6. Verification 9
7. Conclusion 10
8. Reference 10
2
1. Preface:
Linux is a multi-user operating system, and it ensures the security of files with the
concepts of “ownership” and “permissions”. You can use these concepts to control who can access
and modify files. In this document, we will learn these concepts, and how you can change them
using various commands.
In Linux, we use permissions to control what a user can do with a file or directory. Linux
uses three types of permissions: READ, WRITE and EXECUTE.
2. Content:
Linux is a multi-user operating system, i.e., many users can access it simultaneously.
Therefore, it can be used in servers and mainframes without any need for modification. Linux has
great security features, but being a multi-user operating system, it is prone to a security threat.
Unsolicited users may corrupt, remove or change important data. So, it is necessary to avoid a user
accessing any other user’s confidential or crucial files and data.
To implement this security, permission must be granted before the user can access the
file. Here permission specifies what a particular user can or cannot do with respective files and
directories. These permissions help to create a secure environment for the users.
3
3. System Requirements:
3.1.Hardware:
3.2.Software:
Depends on your usage, you can select appropriate distribution, from the following.
• CentOS
• Fedora
• Ubuntu
• Redhat
4.1.Ownership:
• User
User is the owner of the file. When you create a file, you become the owner of the
file. The ownership can be changed as well.
4
• Group
Every user is part of a certain group(s). A group consists of several users and this is
one way to manage users in a multi-user environment.
• Other
‘Other’ can be considered as a super group with all the users on the system. Basically,
anyone with access to the system belongs to this group.
4.2.Permissions:
Every file and directory in Linux have the following three permissions for all the three kinds of
owners:
• Read
For a file, the read permission allows a user to view the contents of a file. For
directories, the read permission allows the user to view the names of files and other
directories stored in it.
• Write
For a file, the write permission allows a user to modify and delete a file. For
directories, the write permission allows a user to modify its contents (create, delete and
rename files in it). However, this permission has no effect on directories unless the
execute permission is also enabled.
• Execute
When set on a file, the write permission allows it to be executed. However, the
permission has no effect on a file unless the read permission is also enabled. On the other
hand, for directories, the write permission allows the user to enter the directory (with cd)
and view metadata (like file permissions) of the files and directories within it.
5
5. Procedure:
5.1.Viewing permissions:
The easiest way to view the permissions of files in a given directory is to run:
If you want to view the permissions in your current directory, leave out the directory name at
the end:
The output is in the form of columns, as shown below:
The “owner” and “group” columns tell us which user and which group owns a file.
The “file mode” column shows the file type and permissions in a compact way, as shown below:
Read
File type User Group Other Write
Execute
drwxrwxrwx rwx
6
As an example, consider the acpi directory, which has the file mode drwxr-xr-x. This means that
the “root” user has read, write and execute permissions. Users in the “root” group, as well as any
“other” users have read and execute permissions, but not write permissions.
Now, consider the at.deny file, which has the file mode -rw-r-----. Here, the “root” user has read
and write permission; and users of the “daemon” group have read permission. However, all
“other” users have no permissions at all.
As an example, consider the acpi directory we’ve talked about previously. The symbolic mode
of this directory is rwxr-xr-x. Now, in order to get the equivalent numeric mode, we take the
individual permissions of “user”, “group” and “other”. If a permission is enabled we put a 1, and
if it is disabled we put a 0. By doing this, we obtain a binary number, and we convert it to octal.
So, for the acpi directory, you can get the symbolic mode as shown below:
1 1 11 0 1 1 0 1
Numeric mode 7 5 5
Thus, we obtain the numeric mode as 755.
7
Refer the table below for numeric and symbolic mode:
5.3.Changing permissions:
When you create a file or directory, you might want to change some permissions. You can do this
with the “chmod” command.
chmod also accepts the letters u, g and o for “user”, “group” and “other”. It also supports the “-
” symbol to remove permissions. For example, suppose you want to remove the write and
execute permissions for “others”, and the write permission for “group”. To do so, run the
following command:
8
6. Verification:
In above example, using command “chmod” We set the permission for “others” to “w”.
In this example ,we changed the permissions of “Downloads” and “Pictures” folder .
9
7. Conclusion:
By this documentation we got know that Linux being a multi-user system uses permissions and
ownership for security. The permissions on a file can be changed by ‘chmod’ command which can
be further divided into Numeric and Symbolic mode.
8.Reference:
https://www.guru99.com/file-permissions
https://linuxhandbook.com
10