The ECN No Name Newsletter is no longer being published. This is an archived issue.

Understanding Permission Codes

Marian Hensler

As the account owner when you create files and directories, you may decide you are willing to share some of your files with friends, classmates, and strangers; while some of your other files you want to keep private. UNIX provides a method where you can control who has permission to "read", "write", or "execute" your files.

Type "ls -l" to find out the permission status of the files and subdirectories in your current working directory. For example:

$ ls -l
-rw-r--r--      1 your.login    129     Jul 9   10:46   resume
-rw-r--r--      1 your.login    429     Apr 1   17:06   jokes
drwxr-xr-x      2 your.login    32      Oct 9   11:30   subdir_a
$

Permission codes appear at the beginning of each line in the previous example. A permission code consists of a sequence of 10 letters and/or dashes having the following meanings:

column 1 "d" indicates a directory "-" indicates a file
columns 2-3-4 indicates permission for owner
columns 5-6-7 indicates permission for group
columns 8-9-10 indicates permission for world

There are three access permission bits for each of the three classes. The 3 bits are "r", "w", and "x" and indicate the following permissions for files and directories.

Code for a:  |     r               w               x
             |---------------------------------------------
file         | read/copy           write          execute
             |---------------------------------------------
directory    | ls             create and          access
             |                remove files        cd files

A dash symbol (-) shows up in place of the bit "r", "w", or "x" when that permission is denied. Thus, for each class, there are eight combinations of the three access permissions which form a numbering scheme from 0 to 7. They are:

0 --- no permission
1 --x execute permission
2 -w- write permission
3 -wx write and execute permission
4 r-- read permission
5 r-x read and execute permission
6 rw- read and write permission
7 rwx read, write and execute permission

Permissions may be changed by using the chmod command specifying a 3-digit number derived from the above scheme. The first digit corresponds to the permission you want set for you (the owner). The second digit corresponds to the permission you want set for your group. The third digit corresponds to the permission you want set for the whole world. For most people, the group and the world permissions will be the same. The command's format is:

$ chmod ### filename (or directory)

For example, to change the permissions to 751 on the file "test1",

you would need to use the following command:

$ chmod 751 test1

The following permission modes are most common:

755 for an unlocked directory
700 for a locked directory
644 for an unlocked file
600 for a locked file

webmaster@ecn.purdue.edu

Last modified: Thursday, 30-Oct-97 18:20:58 EST

HTML