The Linux File Permissions
The basic security of a Linux computer is based on file permissions. Linux is a multi-user system and therefore directories and files inside a Linux computer need to be protected from unauthorized use. Each directory and file in a Linux computer has associated permissions, settings that determine who can access the file and what they can do with it.
Permissions on a Linux file are granted to three types of user accounts:
• Owner: The account that owns the file
• Group: Members of a group that owns the file
• All other users in the Linux computer (world): All accounts on the system
Users can be given permission to do one or more of three things to the file:
• Read: Look at the contents of the file
• Write: Save the file to the hard disk
• Execute: Run (execute) the file or enter the directory
The permissions can be given in any combination.
For example, mytext.txt might have the following permissions:
Owner: Read, write, execute
Group: Read, execute
All users: Read
Here the owner can read, write, and run (execute) the file. Members of the group can only read and run (execute) the file. All other users on the Linux computer can only read the contents of the file.
File permissions on a Linux computer can be displayed by running the “ls -l” command.
The following is an example of the output of the “ls -l” command.
[root@RHEL2 ~]# ls -l
total 524876
-rw------- 1 root root 859 Jun 30 12:30 anaconda-ks.cfg
drwxr-xr-x 2 root root 4096 Jun 30 16:56 Desktop
-rw-r--r-- 1 root root 29101 Jun 30 12:30 install.log
-rw-r--r-- 1 root root 3510 Jun 30 12:29 install.log.syslog
-rw------- 1 root root 12230 Jul 2 13:59 mbox
-rw-r--r-- 1 root root 1521 Jul 1 08:14 passwd
-rw-r--r-- 1 root root 536870912 Jul 2 13:59 swap
Note: The r, w, and x stand for read, write, and execute (run).
The Linux file permissions are shown on the left side of the listing. The Linux file permissions consist of ten characters. The first character determines whether it's a regular file, a special file, or a directory. The remaining nine characters are grouped in threes: for the owner, the group owner, and everyone else (world) on that Linux computer.
The following table explains Linux file permission characters in detail.
| Character position | Description |
| --- | --- |
| 1 | Type of file; - = regular file, d = directory, b = block device, c = character device, l = linked file. |
| 2, 3, 4 | File permissions granted to the owner of the file |
| 5, 6, 7 | File permissions granted to the group owner of the file |
| 8, 9, 10 | File permissions granted to all other users (world) on the Linux computer |
Note: A block device is a peripheral device, such as a hard disk, that transfers a group of bytes (block, sector, etc.) of data at a time.
A character device is a peripheral device that transfers data one byte at a time, such as a parallel or serial port.
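The ten-character layout described in the table above can be decoded mechanically. The following Python sketch is an added example, not part of the original lesson: it splits each permission string into file type and owner/group/world rights and lists the entries that all other users can access. The function names are assumptions chosen for illustration, and the sample lines are copied from the listing above.

```python
# Added example: decode the ten-character permission string shown by `ls -l`.
FILE_TYPES = {"-": "regular file", "d": "directory", "b": "block device",
              "c": "character device", "l": "linked file"}
CLASSES = ("owner", "group", "world")          # character positions 2-4, 5-7, 8-10
RIGHTS = (("r", "read"), ("w", "write"), ("x", "execute"))

# Entry lines copied from the listing earlier in this lesson.
SAMPLE = """\
total 524876
-rw------- 1 root root 859 Jun 30 12:30 anaconda-ks.cfg
drwxr-xr-x 2 root root 4096 Jun 30 16:56 Desktop
-rw-r--r-- 1 root root 1521 Jul 1 08:14 passwd
"""

def decode_mode(mode):
    """Split a string such as 'drwxr-xr-x' into file type and per-class rights."""
    if len(mode) != 10 or mode[0] not in FILE_TYPES:
        raise ValueError(f"not a ten-character permission string: {mode!r}")
    result = {"type": FILE_TYPES[mode[0]]}
    for i, cls in enumerate(CLASSES):
        granted = []
        for (letter, name), ch in zip(RIGHTS, mode[1 + 3 * i:4 + 3 * i]):
            if ch == letter:
                granted.append(name)
            elif ch != "-":
                # Anything other than r, w, x or - is outside this lesson: reject it.
                raise ValueError(f"unexpected {ch!r} in {cls} permissions")
        result[cls] = granted
    return result

def parse_listing(text):
    """Map file name -> decoded permissions for each entry line of `ls -l` output."""
    entries = {}
    for line in text.splitlines():
        fields = line.split(None, 8)   # mode, links, owner, group, size, date x3, name
        if len(fields) == 9 and len(fields[0]) == 10:
            entries[fields[8]] = decode_mode(fields[0])
    return entries

def world_accessible(entries):
    """Names of entries on which all other users (world) hold at least one right."""
    return sorted(name for name, perms in entries.items() if perms["world"])

if __name__ == "__main__":
    listing = parse_listing(SAMPLE)
    for name, perms in listing.items():
        print(name, perms)
    print("world can access:", world_accessible(listing))
```

Run against the sample, anaconda-ks.cfg is reported as owner-only, while Desktop and passwd grant rights to every account on the system.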
Note: You should be familiar with the basic Linux commands to learn this lesson.