File and directory permissions control the ability of users to view and/or make changes to the files and directories in the file system. In UNIX, there are three types of access modes:
read [r]: User may look at the file or make a copy of it.
write [w]: User may modify or remove the file, or files in a directory.
execute [x]: User may execute the file if it is executable.
Access modes are specified for each file and directory three times, for the following distinct classes:
owner: The owner of the file or directory
group: The group that owns the file or directory
other: The other users who do not own the file or directory or belong to the owning group
For example, in
The first character indicates the file type, which in this case (
-) is a regular file. (Directories are specified with a
rwxindicates that the
ownerof the file has full (read, write and execute) permissions to the file.
r-xindicates that user
groupis allowed to read and execute the file.
otherusers are allowed to read and execute the file.
File permissions can also be expressed in octal (base-8) notation, which consists of three digits. The first digit specifies the permissions given to the
owner of the file, the second digit specifies the permissions for the user
group associated with the file, and the last digit specifies the permissions given to all
Table A.1. Permission bits in octal and symbolic notation
|Octal notation||Symbolic notation||Meaning|
|3||Write and execute|
|5||Read and execute|
|6||Read and write|
|7||Read, write and execute|
755 (equivalent to
-rwxr-xr-x) specifies that the owner of the file has full permissions to the file, and the user group and others are allowed to read and execute the file.
700 (equivalent to
-rwx------) specifies that the owner of the file has full permissions to the file, and the user group and others do not have access to the file.
To see the permissions of a file in USS, enter the following:
> ls -l
The ls -l command lists files in the long format, showing their file type, permissions, number of hard links, file owner, group, file size, and the date of last modification. If you do not specify a file name, the command lists the information for all the files in your current working directory.