File Protections
A Linux system may have many users with login accounts. To maintain privacy and security, most users can access only some files on the system, not all. This access control is embodied in two questions:
- Who has permission?
Every file and directory has an owner who has permission to do anything with it. Typically the user who created a file is its owner, but relationships can be more complex.
Additionally, a predefined group of users may have permission to access a file. Groups are defined by the system administrator and are covered in Group Management.
Finally, a file or directory can be opened to all users with login accounts on the system. You’ll also see this set of users called the world or simply other.
- What kind of permission is granted?
File owners, groups, and the world may each have permission to read, write (modify), and execute (run) particular files. Permissions also extend to directories, which users may read (access files within the directory), write (create and delete files within the directory), and execute (enter the directory with
cd).
To see the ownership and permissions of a file, run:
$ ls -l myfile -rw-r--r-- 1 smith smith 7384 Jan 04 22:40 myfile
To see the ownership and permissions of a directory, run:
$ ls -ld dirname drwxr-x--- 3 smith smith 4096 Jan 08 15:02 dirname
In the output, the file permissions are the 10 leftmost
characters, a string of r (read),
w (write), x (execute), other letters, and dashes. For
example:
-rwxr-x---
Here’s what these ...
Get Linux Pocket Guide, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
