File Protections

A Linux system may have many users with login accounts. To maintain privacy and security, each user can access only some files on the system, not all. This access control is embodied in two questions:

Who has permission? Every file and directory has an owner who has permission to do anything with it. Typically the user who created a file is its owner, but relationships can get more complex.

Additionally, a predefined group of users may have permission to access a file. Groups are defined by the system administrator and are covered in Working with Groups.

Finally, a file or directory can be opened to all users with login accounts on the system. You’ll also see this set of users called the world or simply other.

What kind of permission is granted? File owners, groups, and the world may each have permission to read, write (modify), and execute (run) particular files. Permissions also extend to directories, which users may read (access files within the directory), write (create and delete files within the directory), and execute (enter the directory).

To see the ownership and permissions of a file, run:

$ ls -l filename

To see the ownership and permissions of a directory, run:

$ ls -ld directory_name

The file permissions are the 10 leftmost characters in the output, a string of r (read), w (write), x (execute), and other letters. For example:

drwxr-x---

Here’s what these letters and symbols mean.

Position    Meaning

1           File type: - = file, d = directory, l = symbolic link, p = named ...
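
As an added example (not part of the original text), these shell functions decode the 10-character string from ls -l into what the owner, the group, and other may do, and test whether other may write. It assumes the usual ls layout of positions 2-4 for the owner, 5-7 for the group, and 8-10 for other; the function names are made up for this illustration.

```shell
# Assumed layout: 1 = file type, 2-4 = owner, 5-7 = group, 8-10 = other.

# mode_of PATH: print the 10 leftmost characters of `ls -ld` output.
# Cutting at 10 drops the trailing "." or "+" that some systems append.
mode_of() {
    ls -ld -- "$1" | cut -c1-10
}

# describe_class TRIPLET: turn one 3-character group such as "r-x" into
# words. s and t mean execute plus a special bit (setuid/setgid/sticky).
describe_class() {
    out=""
    case "$1" in r??) out="read" ;; esac
    case "$1" in ?w?) out="${out:+$out,}write" ;; esac
    case "$1" in ??[xst]) out="${out:+$out,}execute" ;; esac
    printf '%s\n' "${out:-none}"
}

# decode_mode MODE: report what owner, group and other may do.
decode_mode() {
    [ "${#1}" -eq 10 ] || { echo "expected 10 characters: $1" >&2; return 1; }
    printf 'type=%s owner=%s group=%s other=%s\n' \
        "$(printf '%s' "$1" | cut -c1)" \
        "$(describe_class "$(printf '%s' "$1" | cut -c2-4)")" \
        "$(describe_class "$(printf '%s' "$1" | cut -c5-7)")" \
        "$(describe_class "$(printf '%s' "$1" | cut -c8-10)")"
}

# other_can_write MODE: succeed when position 9 (write for other) is set,
# meaning every login account on the system may modify the file or directory.
other_can_write() {
    case "$1" in ????????w?) return 0 ;; *) return 1 ;; esac
}
```

Running decode_mode "$(mode_of directory_name)" on a directory with mode drwxr-x--- prints type=d owner=read,write,execute group=read,execute other=none.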
