A Brief Explanation of File Permissions

Permissions are used to control who can access which files and directories and what can be done to the file and directory. Directories with execute permissions allows users to open the directory while such permissions on a file allows users to run the code/program.

The "chmod" (change mode) command and syscall changes the access permissions of files and directories.

"umask" is used to control the permissions applied to newly created files on Unixoid systems from that point forward until the next umask command. To display the currently set umask, type "umask" in a terminal. To view the umask in symbolic form, type "umask -S". To set the umask, type "umask OCTAL", where "OCTAL" is the desired file permissions in octal notation.

Permissions can be represented in octal notation by assigning each permission to an octal (base 8) number (listed below). To assign more than one permission, add the desired permission values. For instance, read+write (4+2) is "6" in octal notation. When using four octal digits (i.e. "0000"), the first is for special bits (like the sticky bit) followed by the permissions for the owner, group, and others.

• 7 - Read+Write+Execute
• 6 - Read+Write
• 5 - Read+Execute
• 4 - Read
• 3 - Write+Execute
• 2 - Write
• 1 - Execute
• 0 - None
• 4 - set user ID (4000)
• 2 - set group ID (2000)
• 1 - sticky bit (1000)

NOTE: umask negates the octal notation. In other words, a umask of "002" grants all permissions to the owner and group and revokes write permissions to others.

The symbolic notation uses letters to denote the permissions. The first character is for special attributes (such as "d" for directories and "l" for links). The next three letters are the "owner" permissions, followed by three characters for the "group" permissions, and then three for the "other" permissions. The "other" permissions are permissions for users that do not belong to the group and that do not own the file or folder.

Permission Symbols

• r = read (4)
• w = write (2)
• x = execute (1)
• u = owner
• g = group
• o = others
• a = all; owner, group, and others (ugo)

Octal = Symbolic

• 0644 = -rw-r--r--
• 0755 = -rwxr-xr-x
• 0000 = ----------
• 0444 = -r--r--r--
• 0777 = -rwxrwxrwx

chmod Commands

• Add Group Execute Permissions - chmod g+x FILE
• Add Execute Permissions - chmod a+x FILE
• Set Permissions - chmod 644 FILE
• Set Permissions (to text files) - chmod 644 /DIR/*.txt
• Grant All Permissions to Everyone - chmod +rwx FILE
• Remove User/Owner Write Permissions - chmod u-w FILE
• Recursively Remove Others Write Permissions and Grant Group Write - chmod -R o-w,g+w /DIR/
• Recursively Set Permissions (Directories) - chmod -R +X /DIR/
• Recursively Set Permissions (Directories) - find /DIR -type d -exec chmod 755 {} \;
• Recursively Set Permissions (Files and Folders) - chmod -R 0755 /DIR
• Recursively Set Permissions (Files) - find /DIR -type f -exec chmod 644 {} \;