Skip to content

Understanding Linux File Permissions: A Complete Guide

Published: at 12:00 AMSuggest Changes

Understanding Linux File Permissions

Basic Permission Types

# Input
ls -l myfile.txt

# Output
-rw-r--r-- 1 user group 1024 Oct 25 10:30 myfile.txt

Permission breakdown: rw-r--r--

Changing Permissions with chmod

Using Numeric Mode

# Input
chmod 644 myfile.txt

# Output
# No output - permissions updated silently

Using Symbolic Mode

# Input
chmod u+x script.sh

# Output
# No output - execute permission added

Changing Ownership with chown

# Input
chown newuser:newgroup file.txt

# Output
# No output - ownership changed silently

Special Permissions

# Input
chmod u+s executable_file
ls -l executable_file

# Output
-rwsr-xr-x 1 root root 1024 Oct 25 10:30 executable_file

FAQ

Q: What’s the difference between chmod and chown?

A: chmod changes permissions (read/write/execute), while chown changes ownership (user/group).

Q: What do the numeric permissions mean?

A: Each digit represents permissions for owner/group/others:

Q: How do I recursively change permissions?

A: Use -R flag: chmod -R 755 directory/

Q: How do I view current permissions?

A: Use ls -l or stat filename

Q: What’s the safest default permission for files?

A: 644 (rw-r—r—) for files, 755 (rwxr-xr-x) for directories

Common Permission Scenarios

Web Directory Setup

# Input
chmod 755 /var/www/html
chown -R www-data:www-data /var/www/html

# Output
# No output - permissions and ownership updated

Script Execution

# Input
chmod u+x myscript.sh
ls -l myscript.sh

# Output
-rwxr--r-- 1 user group 1024 Oct 25 10:30 myscript.sh

Securing Configuration Files

# Input
chmod 600 config.ini
ls -l config.ini

# Output
-rw------- 1 user group 1024 Oct 25 10:30 config.ini

Best Practices

  1. Use least privilege principle
  2. Regularly audit permissions
  3. Be cautious with recursive changes
  4. Don’t use 777 unless absolutely necessary
  5. Keep sensitive files restricted (600 or 400)

Common Permission Patterns

PermissionNumericUse Case
rw-r—r—644Regular files
rwxr-xr-x755Directories, scripts
rw-------600Sensitive configs
rwx------700Private executables

Advanced Examples

Setting Default Permissions

# Input
umask 022
touch newfile.txt
ls -l newfile.txt

# Output
-rw-r--r-- 1 user group 0 Oct 25 10:30 newfile.txt

ACL Permissions

# Input
setfacl -m u:specificuser:rx file.txt
getfacl file.txt

# Output
# file: file.txt
# owner: user
# group: group
user:specificuser:r-x
user::rw-
group::r--
other::r--

Previous Post
How to Create a Bash Script in Linux: A Complete Guide
Next Post
Linux git and svn Commands: Version Control Essentials