In Linux, every file and directory has an associated set of permissions that define who can read, write, or execute them. This system is vital for maintaining data security and user separation.
This article provides an overview of Linux file permissions, how they work, and how to change them.
File Ownership
Each file or directory is owned by:
- A user (owner)
- A group
➤ Types of Permissions
| Symbol | Meaning for Files | Meaning for Directories |
|---|---|---|
| r | Read (view content) | Read (list directory) |
| w | Write (modify content) | Write (create/delete files) |
| x | Execute (run file) | Enter/access directory |
Viewing Permissions
Use ls -l to see permissions:
ls -l myfile.txt
Example output:
-rwxr-xr-- 1 john developers 1200 May 30 12:34 myfile.txt
Breakdown:
- -: Type (
-for file, d for directory) - rwx: User permissions (read, write, execute)
- r-x: Group permissions
- r–: Others permissions
Changing Permissions – chmod
Symbolic Method
chmod u+x script.sh # Add execute for user
chmod g-w file.txt # Remove write for group
chmod o=r file.txt # Set read-only for others
➤ Numeric Method (Octal)
| Value | Permission |
|---|---|
| 0 | — |
| 1 | –x |
| 2 | -w- |
| 3 | -wx |
| 4 | r– |
| 5 | r-x |
| 6 | rw- |
| 7 | rwx |
chmod 755 script.sh
Means:
- 7 → rwx (user)
- 5 → r-x (group)
- 5 → r-x (others)
Changing Ownership – chown
chown username file.txt # Change owner
chown username:groupname file.txt # Change owner and group
Example:
sudo chown alice:developers report.docx
Changing Group – chgrp
chgrp groupname file.txt
Directory Permissions
Special meanings:
- r – List files
- w – Create or delete files
- x – Access directory contents
chmod 700 mydir # Full access for user only
chmod 755 mydir # Allow others to view and enter
Special Permissions
Setuid (s)
Run as file owner, not the user executing it.
chmod u+s file
- Example: /usr/bin/passwd
Setgid (s)
New files inherit group from the directory.
chmod g+s mydir/
Sticky Bit (t)
Used on shared directories like /tmp to restrict deletion.
chmod +t /shared
Create a file only owner can read and write:
touch secure.txt
chmod 600 secure.txt
➤ Public read-only directory:
mkdir public
chmod 755 public
➤ Team collaboration directory:
mkdir /projects/team1
chown :team1 /projects/team1
chmod 2775 /projects/team1
Explanation:
2(setgid) → forces all files to be created with groupteam1- 775 → full access to user/group, read-execute to others
Checking Permissions Recursively
List directories and their permissions:
find /path -type d -exec ls -ld {} \;
Security Tips
- Use least privilege principle — give only necessary permissions.
- Avoid chmod 777 — it’s a security risk.
- Use ACLs for advanced permission needs (Access Control Lists).
- Regularly audit permissions using tools like find, ls, or getfacl.
Conclusion
Mastering file and directory permissions helps you:
- Prevent unauthorized access
- Collaborate effectively in multi-user environments
- Secure sensitive files
Understanding and correctly using chmod, chown, and chgrp is a must for any Linux user or system administrator.