Managing permissions in Linux allows you to add an extra layer of security to your system, ensuring that the right users have access to your most important files and applications. In this article, we will cover some basic information about Linux file permissions and show you how to utilize it to protect your server.
Topics
Permission Groups and Types
There are three permission groups in Linux:
- Owner - any permissions will only apply to the owner of the file or directory
- Group - any permissions will only apply to the group that has been assigned the file or directory
- All Users - any permissions will apply to all users
Additionally, there are also three types of permissions in Linux. The numbers associated with them will be explained further down:
- Read (4) - allows the user in question to read the file or directory
- Write (2) - allows the user in question to modify the file or directory
- Execute (1) - allows the user to execute and view the contents of the file or directory
You can view permissions on a file or directory using the following command:
$ ls -l
The permissions will be displayed at the beginning of each line in the format: _rwxrwxrwx. The first "rwx" in the line is for the owner, the second is for the group, and the third is for all users.
Setting Permissions
In order to set permissions for a file or directory, we must first address the numbers associated with each permission type and how they are used. The numbers are as follows:
- Read - 4
- Write - 2
- Execute - 1
Adding any combination of these numbers together will give a unique number which corresponds to the permissions associated with a file or directory. See below for the possible combinations of permissions:
- 0 - No permissions
- 1 - Execute
- 2 - Write
- 3 - Write, Execute
- 4 - Read
- 5 - Read, Execute
- 6 - Read, Write
- 7 - Read, Write, Execute
We use the chmod command to assign permissions to a file or directory. See the example command below using the standard directory for Apache:
# chmod 750 /var/www/html/
In this example command, you will note that we typed three numbers. Each of these numbers corresponds to permissions for the owner, group, and all users in that order. So, in this example, we have accomplished the following:
- Assigned the owner read, write, and execute permissions with the number "7"
- Assigned the group read and execute permissions with the number "5"
- Assigned all other users no permissions with the number "0"
Conclusion
Having read this article, you should understand the basic permissions and permission groups for files and directories in Linux. You should also be able to assign permissions to each permission group using the chmod command.