Author: @ Deepak Kandpal
🐧 Linux Permissions:
I've broken down Linux file permissions into simple, human terms, without any jargon. My goal is to make understanding Linux permissions as easy as possible for you.
:: Enjoy the content ::
Permission Structure and Basics
1. The Basic Trio
In Unix-based operating systems (Linux / macOS), every file/folder has 3 permission sets.
| Symbol | Meaning | Files | Directories |
|---|---|---|---|
| r | Read | View content | List files (ls) |
| w | Write | Modify/delete | Add/remove files |
| x | Execute | Run as program | Enter (cd) |
2. Permission Types
Permission Notation
Symbolic View ( -rwxrwxrwx )
Permissions (-rwxr-xr--)
├── Type
│   ├── - : Regular file
│   ├── d : Directory
│   └── l : Symlink
├── User (rwx)
│   ├── r : Read
│   ├── w : Write
│   └── x : Execute
├── Group (r-x)
│   ├── r : Read
│   └── x : Execute
└── Others (r--)
    └── r : Read
Octal Notation 🔢
| # | Permission | Symbolic | Typical Use |
|---|---|---|---|
| 7 | rwx | rwx | Scripts, directories |
| 6 | rw- | rw- | Data files |
| 5 | r-x | r-x | Shared libraries |
| 4 | r-- | r-- | Config files |
| 0 | --- | --- | Locked files |
Spotting File Types with ls -l
| First Char | File Type | Example Output |
|---|---|---|
| - | Regular file | -rwxr-xr-- |
| d | Directory | drwxr-xr-x |
| l | Symlink | lrwxrwxrwx |
| c | Character device | crw-rw---- |
| b | Block device | brw-r----- |
1. Regular File ( - )
Permission e.g. : -rw-r--r-- 1 alice devs 1024 Jun 15 report.txt
Breakdown:
- → Regular file ( text, scripts, binaries )
rw- → Owner ( alice ) can read/write
r-- → Group ( devs ) can only read
r-- → Others can only read
Why It Matters:
Common for config files ( e.g., /etc/hosts )
Risk: -rw-rw-rw- ( 666 ) lets anyone modify the file.
2. Directory ( d )
Permission e.g. : drwxr-x--- 2 bob devs 4096 Jun 15 projects/
Breakdown:
d → Directory
rwx → Owner ( bob ) can list/add/delete files
r-x → Group ( devs ) can list files but not add/delete
--- → Others blocked entirely
Key Insight:
Execute ( x ) = Enter the directory ( cd ).
Sticky Bit ( t ) ( e.g., /tmp ): Only owners can delete their files.
3. Symbolic Link ( l )
Permission e.g. : lrwxrwxrwx 1 root root 11 Jun 15 config -> /etc/config
Breakdown:
l → Symlink ( shortcut )
rwxrwxrwx → Permissions are ignored ( always shows full access )
Points to /etc/config ( actual permissions depend on the target )
Security Note:
Always verify where symlinks point ( readlink -f config ).
Broken links appear in red in some terminals.
4. Character Device ( c )
Permission e.g. : crw-rw---- 1 root tty 5, 1 Jun 15 /dev/tty1
Breakdown:
c → Character device ( streams data, like keyboards )
rw- → Owner ( root ) and group ( tty ) can read/write
5, 1 → Major/minor device numbers
Use Case:
Serial ports, terminals ( /dev/tty* ).
Risk: World-writable ( crw-rw-rw- ) = Privilege escalation vector.
5. Block Device ( b )
Permission e.g. : brw-r----- 1 root disk 8, 0 Jun 15 /dev/sda
Breakdown:
b → Block device ( storage, like disks )
rw- → Owner ( root ) can read/write
r-- → Group ( disk ) can only read
8, 0 → Major/minor numbers ( disk identifier )
Why It Matters:
Direct access to disks/partitions ( /dev/sda* ).
Critical: Write access = Raw disk modification ( e.g., dd of=/dev/sda ).
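The risk notes in the five sections above (666 files, directories without the sticky bit, world-writable device nodes, symlink targets) can be checked in one pass. The script below is an added example, not part of the original post; the function name audit_perms and the finding labels are made up for illustration, and it assumes GNU find, stat and readlink.

```shell
#!/bin/sh
# Added example: audit_perms and the finding labels are illustrative names.
# Assumes GNU findutils/coreutils (find -printf, stat -c, readlink -f).
# Output: one "LABEL<TAB>octal<TAB>path" line per finding under DIR.
audit_perms() {
    root=${1:-.}

    # Regular files writable by "others" (e.g. 666): anyone can modify them.
    find "$root" -xdev -type f -perm -0002 \
        -printf 'WORLD_WRITABLE_FILE\t%m\t%p\n'

    # World-writable directories WITHOUT the sticky bit: any user can delete
    # or rename files owned by someone else (/tmp avoids this with 1777).
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 \
        -printf 'WRITABLE_DIR_NO_STICKY\t%m\t%p\n'

    # Character/block device nodes writable by "others".
    find "$root" -xdev \( -type c -o -type b \) -perm -0002 \
        -printf 'WORLD_WRITABLE_DEVICE\t%m\t%p\n'

    # Symlinks always show lrwxrwxrwx, so report the resolved target and the
    # target's real mode; flag links whose target does not exist.
    find "$root" -xdev -type l | while IFS= read -r link; do
        if [ -e "$link" ]; then
            target=$(readlink -f -- "$link")
            printf 'SYMLINK\t%s\t%s -> %s\n' \
                "$(stat -c %a -- "$target")" "$link" "$target"
        else
            printf 'BROKEN_SYMLINK\t-\t%s\n' "$link"
        fi
    done
}

# Run only when a directory is given, e.g.:  sh audit_perms.sh /srv/app
if [ "$#" -gt 0 ]; then
    audit_perms "$1"
fi
```

Each finding can then be fixed with the chmod / chown commands listed under Common Commands.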
⚠️ Dangerous Permissions
🛠️ Common Commands
Viewing Permissions
| Command | Description | Example Output |
|---|---|---|
| ls -l | Detailed view | -rwxr-xr-- 1 user group 1024 Jan 1 file |
| stat -c "%a %n" * | Octal values | 644 file.txt |
Modifying Permissions
| Command | Effect | Secure Example |
|---|---|---|
| chmod u+x | Add owner execute | chmod u+x script.sh |
| chmod 644 | rw-r--r-- | chmod 644 config.txt |
| chown user:group | Change ownership | chown www-data:dev app.log |