Understanding Files and Directories Permissions in Linux.

amanpreet · 07-08-2013, 11:15 PM

When we create any file or directory in Linux it has by default permissions, file 644 and for directory 755. These are the by default permissions and we can also modify these permissions as per our requirements. Very frequently an interviewer also ask questions about the files and directories permissions. Because its concerned with security of files and directories and server. If we will discuss about the file permissions then there are different type of permissions like default permissions and special permissions. Special permissions mostly known as StickyBit , SUID & SGID Bits. We can see default permissions of files and directories in directory listing command as below

Code:

ll

or

Code:

ls -l

and output will be as below

Code:

-rw-r--r--.  1  root  root     0  Jun  28  18:06  file
drwxr-xr-x.  2  root  root  4096  May  23  20:01  jk2d

Here the first digit indicates that its a file or directory if its file then first field will '-' and if directory then 'd'.

Four symbols are used when displaying permissions

r: Permissions to read a file and list the content of a directory.
w: Permissions to write a file or create and remove files from directory.
x: Permissions to execute a program or change into a directory and do long listing of directory.
-: No permissions.

Permissions display in three digits mode as

For a file: rw- r-- r--
For a direcory: rwx r-x r-x

The first three digits set specifies owner's permissions.
Second three digits set specifies group permissions.
Third three digits set specifies other's permissions.

To change all permissions on a file at once, it is often easier and quicker to use the numeric method and we uses chmod command to change permissions. Numeric permissions are calculated as below

4: for read
2: for write
1: for execute

So the full permissions are 7 for a user if we will set full permissions for all owner, group and others then these will be 777 and it will look like as below

Code:

drwxrwxrwx. 1 root root    0 Jun 28 18:06 dir

These are the basic file permissions but if we will discuss about the special permissions StickyBit , SUID & SGID then file permissions will displays as

SUID or Set User ID

Code:

-rwsr--r--. 1 root root    0 Jun 28 18:06 file

The ‘s’ in user feild, in place of ‘x’ indicates that SUID bit is set.

SGID or Set Group ID

Code:

-rwxr-sr--. 1 root root    0 Jun 28 18:06 file

The ‘s’ in group, in place of ‘x’ indicates that SGID bit is set.

Sticky Bit

Code:

drwxrwxrwt 4 root root 4096 Aug 19 02:29 /tmp/

For more details of special permissions you should read in brief or go through examples of StickyBit , SUID & GUID to differentiate.

eklavya · 07-09-2013, 12:41 AM

Good... Thanks for sharing with all Linux users.
Why don't you add this in your blog entry? It will be visible there forever.
Here it will be crushed down by the uncountable number of threads.

catkin · 07-09-2013, 12:50 AM

Nice.

There's a typo in "StickBit" for "Sticky Bit". The linked page's title also has StickBit -- and "GUID Bit" for SGID bit. In the body of the text the linked page correctly uses "Sticky Bit" and SGID.

For completeness the meaning of S and T is sticky bit set and the execute bit not set.

amanpreet · 07-09-2013, 08:59 PM

Thanks Eklavya and Catkin, I have corrected the typo.

Quote:

Originally Posted by catkin

Nice.

There's a typo in "StickBit" for "Sticky Bit". The linked page's title also has StickBit -- and "GUID Bit" for SGID bit. In the body of the text the linked page correctly uses "Sticky Bit" and SGID.

For completeness the meaning of S and T is sticky bit set and the execute bit not set.