Linux is a multi-user operating system which means that a system can be accessed by multiple users simultaneously. To protect against unauthorized file and directory modification, Linux provides security through ownership and permissions. Every file and directory in Linux is associated with three types of owners: user, group, and other. The user or the person that created the file is often the owner of the file. A group consists of users who share the same permissions as it relates to a given file or directory. Associating permissions to a group is much more convenient than assigning permissions separately to every individual belonging to the group. Finally, the other owners (also referred to as the world) include anyone else that that accesses the file/directory.
File/Directory Permissions
File permissions in Linux are broken down into three categories: read, write, and execute. The read permissions provide the authority to open and read a file. When it comes to a directory, read permissions allow one to list its contents. The write permissions provide authority that allows modification of a file. Write permissions on directories allow for the addition, renaming, and removal of files inside a directory. The execute permissions allow one to run a given file or program. In Linux, a program cannot be run if the execute permission is not set.
To see what files and directories are contained in the current directory we will use the command ‘ls -l’. At the left side and beginning of the row, we have the permissions for the file or directory. The first letter describes whether it is a file (represented by a -) or a dictionary (represented by the letter d). This is followed by three sets of permissions in the form of ‘-rw-rw-rw-’.
In the below screenshot, the top row starts with a ‘–’ which represents a file named file3 while the second row starts with ‘d’ which represents a directory named Music. After the ‘-‘ we have ‘rw-rw-rw-’. Here, the first three characters ‘rw-’ represent the permissions for the user or owner of the file which also happens to be called ‘user’. The second set of three characters ‘rw-’ represent permissions for the group which in this case is called ‘user’. The last three characters ‘r–‘ are the permissions for the others or world.
The character ‘r’ represents read permissions, ‘w’ represents write permissions, and ‘x’ represents execute permissions. The characters ‘rw-’ means that one has read and write but no execute permissions. The characters ‘r–‘ means that one has only read permissions.
Changing File Permissions
Linux provides the command ‘chmod’ (short for change mode) for the purpose of modifying read, write, and execute permissions. There are two modes under which permissions can be changed: absolute and symbolic. The absolute mode allows permissions to be specified in the form of a three-digit octal number. The digits range from 0 to 7 where 0 provides no permissions while 7 gives read, write, and execute permissions. The table below shows the digit, permission type, and symbol type.
The screenshot below shows an example of the use of the command ‘chmod’. Here the command is used to change the permissions for the user from ‘rw-’ to ‘rwx’ and that of the group from ‘rw-’ to ‘r-x’ by using the command ‘chmod 754 file3’. The absolute mode is represented by ‘754’ which gives the file owner read, write, and execute permissions. The group is given write and execute permissions while the others are given just read permissions.
The symbolic mode is another option for modifying file permissions. The symbolic mode syntax does not involve octal digits like the absolute mode. The symbolic mode makes use of the ‘+’sign for adding permissions, the ‘-’ sign for removing permissions, and the ‘=’ sign for setting permissions. The three different owners are represented by the character ‘u’ for the user, ‘g’ for the group, ‘o’ for other, and ‘a’ for all.
In the below screenshot, the permissions for the group have been changed from ‘r-x’ to ‘rwx’ using the command ‘chmod g=rwx file3’. On the other hand, the permissions for others have been modified from ‘r–’ to ‘rw-’ using the command ‘chmod o+w file3’.
Changing File Ownership and Group in Linux
Linux provides the capability to modify the owner of a file and also the group associated with the file. File ownership can be changed using the command ‘chown’ (short for change owner). For instance, in Ubuntu, if we wanted to change the ownership of the file named file3 from user to root, we can leverage the command ‘sudo chown root file3’ as shown below.
When it comes to changing a group, the command ‘chgrp’ (short for change group) can be used. For example, in order to change the group from user to root, we will use the command ‘sudo chgrp root file3’
