File & Directory Permission

 

What are File and Directory Permissions?

File and directory permissions are security settings that control access to files and folders in an operating system. These permissions determine who can read, write, or execute a file and who can access or modify a directory. Typically, permissions are categorized into three main types: read (r), write (w), and execute (x). Each of these permissions can be assigned to different user categories, such as the owner of the file, members of the owner’s group, and other users. By setting these permissions, system administrators can protect sensitive information and maintain the integrity of the file system

Why Use File and Directory Permissions?

Using file and directory permissions is crucial for maintaining security and privacy within a computer system. By restricting access to files and directories, organizations can prevent unauthorized users from viewing or altering sensitive data, thereby reducing the risk of data breaches and malicious activity. Additionally, proper permission settings help in managing collaborative environments, where multiple users need access to shared resources while ensuring that critical files remain protected from accidental modifications or deletions. Overall, implementing effective permission strategies is essential for safeguarding data integrity and promoting a secure computing environment.

Understanding File and Directory Permissions

1. Permission Types:

Each file or directory has three types of permissions:

• Read (r): Allows viewing the contents of a file or listing the contents of a directory.
• Write (w): Allows modifying the contents of a file or adding/removing files in a directory.
• Execute (x): Allows executing a file (if it’s a script or program) or accessing a directory.

2. User Categories:

Permissions apply to three user categories:

• User (u): The owner of the file or directory.
• Group (g): Users who are in the same group as the file’s group.
• Others (o): All other users on the system.

Viewing Permissions

Command: ls -l

To see the permissions of files and directories, use:

ls -l

Output Explanation:

The output might look like this:

drwxr-xr-- 2 user group 4096 Jan 01 12:00 directory
-rwxr-xr-- 1 user group  500 Jan 01 12:00 file.txt

• The first character indicates the type (d for directory, - for file).
• The next nine characters show permissions in groups of three (user, group, others).

Changing Permissions

Command: chmod

To change permissions, use the chmod command.

Using Symbolic Notation

1.Add permission:

chmod u+x filename  # Adds execute permission for the owner

2.Remove Permission

chmod g-w filename # Removes write permission for the group

3. Set Exact Permission

chmod a=rw filename

Using Octal Notation

Permissions can also be represented numerically:

• r = 4
• w = 2
• x = 1

To combine permissions, add the values. For example, 755 means:

• Owner: 7 (4+2+1 = read, write, execute)
• Group: 5 (4+0+1 = read, execute)
• Others: 5 (4+0+1 = read, execute)

To set this permissions:

chmod 755 filename

Changing Ownership

Command: ‘chown‘

To change the owner or group of a file or directory, use:

chown user:group filename

The chown command changes the owner of a file or directory.

chown [options] new_owner:new_group filename

Example:

chown alice:staff report.txt

This changes the owner to alice and the group to staff.

Modes

1. Symbolic Mode: Use letters to specify permissions.
   • u: user
   • g: group
   • o: others
   • a: all (user, group, others)
   Operations:
   • +: Add permission
   • -: Remove permission
   • =: Set exact permission
   Examples:
   • Add execute permission for the user:

chmod u+x filename

• Remove write permission for the group:

chmod g-w filename

Set read and write permissions for everyone:

chmod a=rw filename

1. Symbolic Mode: Use letters to specify permissions.

• u: user
• g: group
• o: others
• a: all (user, group, others) Operations:
• +: Add permission
• -: Remove permission
• =: Set exact permission Examples:
• Add execute permission for the user: chmod u+x filename
• Remove write permission for the group: chmod g-w filename
• Set read and write permissions for everyone: bash chmod a=rw filename

1. Numeric Mode: Use numbers to specify permissions.

Setting Default Permissions with umask

The umask command sets default permissions for newly created files and directories. It determines what permissions will not be set.

Check current umask:

umask

Set a new umask: To set umask to 022, which will give new directories 755 and new files 644:

umask 022

Examples of Common Permission Changes

1. Make a script executable:

   chmod +x script.sh

2. Allow group to read and write a file:

   chmod g+rw file.txt

3. Remove all permissions for others:

   chmod o-rwx file.txt

4. Set specific permissions using numeric mode:

   chmod 644 file.txt

5. Change ownership:

   chown user:group file.txt

Summary of Commands

Command	Description
ls -l	List files with permissions
chmod	Change file or directory permissions
chown	Change file or directory owner/group
umask	Set default permissions for new files