Chmod explained – Understanding permissions
The mode is described by three or four octal (0 to 7) digits e.g. 0000 to 7777 (although not all are used). The rightmost three digits refer to the basic access levels assigned to user, group, and other. Normaly only three digits are used when making changes to permissions using chmod. These last three digits are explained thus
- User – the permissions granted to the owner of the file or directory
- Group – the permissions granted to the group to which the file or directory is assigned
- Other – the permissions granted to any other account or unauthenticated guest
Each of the above digits is an octal representation of a three bit binary word (sounds horrible, but the diagram will make it easier) – each bit corresponds to a particular type of access being granted as follows (from the most significant bit downwards):
- Read – The contents of a file can be read. For a directory it means the directory information can be read.
- Write – Files can be appended to, or deleted (and modified when the Read bit is also set). For a directory, this means that files and sub directories can be created.
- eXecute – Files can be executed as a process. For a directory it means the directory can be accessed (not necessarily read) and traversed.
As always, chmod explained by a picture is worth a thousand poorly chosen words:
So, for example
- chmod 640 allows the user to read/write (4+2), the group to read only, and provides no access for anyone else.
- chmod 777 allows everybody to do everything – very bad indeed!
Read on to find out how linux permissions work with directories.