File permissions are the core security mechanism in Linux. They determine who can access a file or directory and what actions (reading, modifying, executing) they can perform.
1. Understanding Ownership
Every file and directory in a Linux system is assigned three types of owners:
- Owner (u): The user who created the file.
- Group (g): A collection of users defined by the system administrator.
- Others (o): Everyone else who is not the Owner and not in the Group.
2. The Permission Types
There are three basic permissions that can be granted or denied to each of the three owner types:
| Symbol | Letter | Octal Value | Meaning |
| r | Read | 4 | Allows viewing the file’s contents or listing a directory’s contents. |
| w | Write | 2 | Allows modifying, saving, or deleting the file, or creating/deleting files within a directory. |
| x | Execute | 1 | Allows running a file as a program or entering/navigating into a directory. |
| – | None | 0 | No permission is granted. |
3. Interpreting Permissions (ls -l)
When you view file details using ls -l, the first 10 characters show the file type and permissions.
The 10 characters are structured as:
| Position | Meaning | Example |
| 1st | File Type (- or d) | d |
| 2nd – 4th | Owner Permissions (3 chars) | rwx |
| 5th – 7th | Group Permissions (3 chars) | rw- |
| 8th – 10th | Others Permissions (3 chars) | r-- |
Example Output Breakdown:
If the permission string is -rwxrw-r–:
- File Type:
-(It is a regular file) - Owner:
rwx(Read, Write, Execute) - Group:
rw-(Read, Write, but no Execute) - Others:
r--(Read only)
4. Octal (Numeric) Representation
Permissions can be represented using a three-digit octal (base-8) number, where each digit corresponds to the sum of the permissions for the Owner, Group, and Others, respectively.
| Permission Combination | Binary | Octal |
Full Access (rwx) | 111 | 7 (4+2+1) |
Read/Write (rw-) | 110 | 6 (4+2+0) |
Read/Execute (r-x) | 101 | 5 (4+0+1) |
Read Only (r--) | 100 | 4 (4+0+0) |
The most common default permission sets are:
755(rwxr-xr-x): Full access for the owner, read/execute for group and others (typical for directories and executables).644(rw-r–r–): Read/write for the owner, read-only for group and others (typical for regular files).
