The Art of File Permissions – Guarding Your Secrets
In the land of Linux, files and directories have strict rules about who can read, write, and execute them. If you don’t understand these rules, you might accidentally expose your secrets—or lock yourself out!
Today, we unlock the mysteries of file permissions and ownership.
Understanding File Permissions
Run this command on any file:
bash
ls -lYou'll see something like this:
bash
-rwxr-xr-- 1 noob users 1234 Mar 10 noob_script.shBreaking it down:
| 🔢 Position | 🧐 Meaning |
|---|---|
- | Type (file - or directory d) |
rwx | Owner (user) permissions |
r-x | Group permissions |
r-- | Others (everyone else) |
Translation:
- The owner (
noob) can read (r), write (w), and execute (x) the file. - The group (
users) can read and execute it. - Everyone else can only read it.
Changing Permissions – Becoming a Gatekeeper
To change permissions, use chmod:
bash
chmod u+x my_noob_script.sh # Give the owner execute rights
chmod g-w my_noob_script.sh # Remove write rights from the group
chmod o-r my_noob_script.sh # Others can’t read it anymore!If you need to grant full power:
bash
chmod 777 my_noob_script.sh # Warning: anyone can do anything!Better idea:
bash
chmod 755 my_noob_script.sh # Owner: all, Group & Others: read & executeThe Magic of Numeric Permissions
Instead of rwx, you can use numbers:
| 🔢 Number | 🎭 Permission |
|---|---|
7 | rwx (Read, Write, Execute) |
6 | rw- (Read, Write) |
5 | r-x (Read, Execute) |
4 | r-- (Read only) |
0 | --- (No permissions) |
Example:
bash
chmod 750 secret.txt- Owner: Full control (
7) - Group: Read & execute (
5) - Others: No access (
0)
Translation: Only the owner and their group can read/execute. Everyone else? No access! 🥷
Changing Ownership
Sometimes, files end up owned by the wrong user. To fix that:
bash
sudo chown noob myfile.txt # Give ownership to 'noob'
sudo chown noob:users myfile.txt # Change owner & groupSpecial Permissions – The Secret Techniques
Sometimes, normal permissions aren’t enough. Meet setuid, setgid, and sticky bit!
| 🏆 Permission | 🧐 Meaning |
|---|---|
setuid (4) | Runs as the file owner (used for system commands like passwd) |
setgid (2) | Runs with the group’s permissions (useful for shared directories) |
sticky bit (1) | Only the owner can delete files in a directory (used in /tmp) |
Examples:
bash
chmod u+s my_noob_script.sh # Enable setuid
chmod g+s shared_folder # Enable setgid
chmod +t /tmp # Enable sticky bit