File Permissions

Introduction

This article informs about file- and folder-permissions on Linux-based servers, which are used in the GWDG webhosting-environments. File permissions are used to unambiguously declare, which users or groups are allowed to access the file or folder, edit or execute it. File permissions are an important part of the system's security.

Concept

There are three possible values, which can be assigned to a file:

  • Read (r)
  • Write (w)
  • Execute (x)

Additionally each file or folder is attached to an user and an usergroup.

The permissions for the single user are a result of the following pattern:

  • Owner
  • Group
  • Others

The file permission -rwx–r–r can be translated as:

  • First Block (Owner): Read, Write, Execute
  • Second Block (Group): Read
  • Third Block (Others): Read

A normal file contains a leading -, a directory contains a leading d.

Detailed example:

-rw-r--r--  1 testuser testgroup 110M Jun  17  2016 testfile

testuser is the owner of the file testfile. testgroup is defined as group permission. The owner is allowed to read and write the file, members of the group testgroup and all other users are only allowed to read the file.

Octal notation

Using the ocal notation allows the user to shorten the permissions to octals.

To get the permissions, the following values are added up:

  • Read: 4
  • Write: 2
  • Execute: 1

The permission rwx is equal to the octal notation 7 (4 for r + 2 for w + 1 for x). So a file with the octal notation 755 contains the following permissions:

  • First Block (Owner): Read, Write, Execute
  • Second Block (Group): Read, Execute
  • Third Block (Others): Read, Execute