Permissions

There are a lot of good security features built into Linux-based systems, one very important potential vulnerability can exist when local access is granted - that is file permission based issues resulting from a user not assigning the correct permissions to files and directories.

Here is an output from the ls -l command to see the file and directories permissions.

$ ls -l
total 56
drwxr-xr-x@  7 robin  staff    238  1 Oct 00:28 categories
-rw-r--r--@  1 robin  staff    411 16 Sep 22:50 desc.jade

The permissions string is illustrated in the following graph.

linux command - file permissions

Type - the first character ( -, d or | )

If you look at the permission string, the first character is used to indicate whether it is a Regular file by beginning with a -, or it will begin with a d if it is a Directory. Or an | if it is a Symbolic link.

Symbol Type
- Regular file
d Directory
| Symbolic link

Read, Write and Execute Characters ( r , w , and x )

The other characters that you encounter in the permissions string are r , w , and x . They represents the main types of permissions.

Symbol Permission
r Read
w Write
x Execute

If you have a Read permissions to a file that means you can see its content. For example you can run cat against the file to see the file's content. If you have Write permissions to a file, you can modify its content. If you have Execute permission, you can run that file as a program.

Read, Write and Execute are fairly self explanatory when there applied to files. However, they have a slightly different meaning when they are applied to directories.

Permission File Directory
Read (r) Allows a file to be read. Allows file names in the directory to be read.
Write (w) Allows a file to be modified. Allows entries to be modified within the directory.
Execute (x) Allows the execution of a file. Allows access to content and metadata for entries.

Permission Categories

There are categories of users that Read , Write and Execute permissions can be applied to. These categories are User , Group , Other and All . And like permission types, each one is represented by a single letter.

Symbol Categories Meaning
u User Represents the User that owns the file.
g Group The users that are in file's Group.
o Other Users that are not the owner or are not in the file's group are considered as Other.
a All Represents All, or everybody.

Group permissions and Changing permissions

You can run the groups command to displays what groups you are a member of. To change the group, you can run chgrp [groupname] [filename].

In addition, to change the permissions, you will need to use chmod command.

You can visit the following links for more details: