Building BobSmithPhotography.net has stopped expanding because I've been overwhelmed with spam on the comment forums. So, if you're here and have questions about web design come and visit Forums, Blogs, Wikis dot com. It has articles that I've written, some of which are also here, and a web design forum as well so you can ask any questions you may have. There is still a lot of good stuff here though, so poke around the links and take a look.

Home » Other Tips » Hosting Issues » Linux File Permissions

Linux File Permissions

For those coming to the web from a Windows machine the idea of file permissions may seem like an odd concept.  On your computer if you want to edit a file you can simply open it, make your changes, and save.  Linux makes it a little more complicated, although necessarily so because Linux was written for network environments where Windows started life as an operating system for single computers and had network support added.

Owner, Group, and World
Before we start looking at the 755 and 644 codes that you've probably seen in installation manuals for scripts you've downloaded, we need to back up to the concept of file owners, groups, and world permissions.

The file owner is generally the person who created the file.  Say Bob saves all his finances in Quicken.  The Quicken data files belong to Bob, so he would be the file owner.  In most cases, all the files on your desktop computer are treated as though you own them.  

Bob's wife Joan decides she wants access to the finances, so Bob has to change the file permissions.  But he can't simply change the file owner to Joan because then he couldn't access it.  So Bob creates a group named Smith that both he and Joan belong to and assigns the Quicken file to that group.  Bob is still the file owner, but because the file is also assigned to the Smith group Joan can access it.

World permissions sort of make the Quicken example fall apart, so we need to move on to another file.  Bob has a great picture of the Grand Canyon that he wants to share with anyone who comes to his computer.  He sets this file to be readable by anybody whether they belong to the Smith group or not.  But, he doesn't want just anyone writing over it so write permissions are saved for just Bob and Joan. 

Executable
If you're used to a Windows machine you probably recognize executable files by their extension, typically .exe.  Linux makes it easier, or more confusing depending on what you're used to. Any file can be tagged as executable and can be run.

Text view of permissions
Let's look at the following example of a textual representation of file permissions.

-rwxrw-r--
0123456789

Position 0 can be either -, d, or l.  A normal file will have a - in this position, a directory will have a d, and a link will have an l. 

Positions 1-3 are for the file owner, positions 4-6 are for the group, and positions 7-9 are for the world.  An r means that the file is readable, a w means writable, and an x means executable. 

For this particular file, let's say Bob is the owner and it belongs to the Smith group.  Bob can read, write to, and execute the file.  Bob and Joan can both read and write to the file.  And anybody can read it.

Numeric representation of permissions
Most of the time you will see permissions using an octal notation like 755 or 644.  Each of the numbers represent owner, group, and world respectively. 

Digit
Text
Meaning
0
---
All access is denied
1
--x
File is executable only
2
-w-
File is write only
3
-wx
File is writable and exectuable
4
r--
File is read only
5
r-x
File is readable and executable
6
rw-
File is readable and writable
7
rwx
File is readable, writable, and executable

Using the table above we can see that 755 means that a file is readable, writable, and executable by the owner and readable and writeable by the group and world.  644 means that the owner can read and write and the group and world can read only.

These two cases, 755 and 644, are very common in web applications. 

Content managed by the Etomite Content Management System.