Understanding File Permissions

 

There are two parts to the file control mechanism: “Classes” and “Permissions.” Classes determines who can access the file, while the Permissions determines what the user can do with that file.

There are three Classes: Owner, Group, and Others.

The Owner is usually the creator of the file or folder. In Linux, any files or folders that you create in your Home directory are usually owned by you unless you specifically change the ownership.


The Group contains a group of users who share the same permissions and user privilege.


Others means the general public.

 
 
 

As for permissions, there are three type of actions that you can perform on a file or folder:

Read. You cannot modify the contents of the file in any way. When applied to a Folder, you can only view the files within that folder; you cannot delete or modify the files in any way or add more files to the folder.


Write. You can modify the file. If you have “write” access to a folder, then you can delete and add files to that folder.


Execute. Execute is mainly used when you need to run the file and is most commonly used when you need to run a script.

By using Classes in combination with Permissions, you can control who has access to a file and the actions they can perform on said file.

The file owner will usually have all three permissions (read, write and execute). If you’re not the owner of the file or folder, then you’ll typically have to change Ownership to your name, or change the permissions of Group or Others to read, write and/or execute.

In a web server, if you’re unable to upload a file, then it’s probably because you’re not the owner of the destination folder. Alternatively, you may not have sufficient permissions to add files to the folder.

Here’s the different permutation:

0 – no permission
1 – execute
2 – write
3 – write and execute
4 – read
5 – read and execute
6 – read and write
7 – read, write, and execute

Depending on the permissions you want to grant to the file, you just need to set the number accordingly.

Here are some of the commonly used permissions:

755. This set of permissions is commonly used by web servers. The owner has all the permissions to read, write and execute. Everyone else can read and execute but cannot make changes to the file.

777. Everyone can read, write, and execute. 

In a web server, it’s not advisable to use the “777” permission for your files and folders, as this allows anyone to add malicious code to your server. However, in some cases you’ll need to set the 777 permissions before you can upload any file to the server – for example: uploading images in WordPress.

644. Only the owner can read and write. Everyone else can only read. No one can execute this file.

655. Only the owner can read and write and cannot execute the file. Everyone else can read and execute and cannot modify the file.

You can also change permissions using the chmod command in the Terminal. In short, “chmod 777” means making the file readable, writable and executable by everyone.

chmod 777 /path/to/file