File Access

• Welcome to linuxzoo
  • Essential Linux
    • Unix Security
      • File Access

Access to Unix files are governed by ownership and permissions. If you create a file, you are automatically the owner of that file, and can set the permissions for that file to give or deny access to other users of the system.

There are three different levels of permission:

1. r - read permission: allows users to read the contents of a file
2. w - write permission: allows users to change the contents of a file
3. x - execute permission: signifies a program or script file and allows users to execute (run) the file.

File permissions can be set for three different levels of ownership:

1. u - user - The user who created the file its its owner.
2. g - group - A group to which you are assigned, usually made up of those users engaged in similar activities, and who need to share files among themselves.
3. o - others - All other users on the system.

Thus you can set read, write, and execute permissions for the three classes of ownership:

-rxwrwxrwx
  |   \  \
  |    \  \__
  |     |    \
owner  group  other

For example, to see the permissions, owner name, and group name on 'myfile' type the following:

% ls -l myfile
-rwxrw-r--       1     john    staff   567   Nov 18 12:26  myfile
    |            |       |       |      |       |           |
(permissions) (links) (owner) (group) (bytes) (date)      (filename)

The first dash on the left indicates that 'myfile' is a file (if 'myfile' was a directory you would see a 'd' rather than a '-'). The next nine positions indicate read, write, and execute permissions for owner, group, and other. If a permission is not allowed, a '-' appears in the place of the letter.

In the example (-rwxrw-r--), owner (john) has read, write, and execute permissions (rwx); the group (staff) has read and write permissions (rw-); while other has only read permission (r--).