File Ownership and Permissions

It is important in multi-user system to ensure that files of one user cannot be accessed by another user, until and unless user is permitted to access the files. The user who creates the file, is by default the owner of that file. He can do whatever he wants to do with that file, like editing or deleting or renaming. If the member of the group has created the file then he can also own that file. User group will have the same permissions as that of file creator. This is a very important feature provided by Linux. Other users can also be granted privileges to the file so that other users can also work on the files created by the owner of the file.

There are 3 basic permissions of file in Linux:

a) Read Permissions:

Read permissions on file enables user to read, open and view the content of the files, but do not make any changes to it. On a directory, contents of the directory the file listing can be viewed. A file cannot be opened unless a read permission is provided by the owner of that file.

b) Write Permissions:

Write permissions allow you to write the file, which means you can make changes to the file. On a directory, this permission allows you to add, remove or rename the files in the directory. Hence, this permission will allow to make changes to the file, but deleting the file or renaming it can only be done if the directory allows you to do that.

c) Execute Permissions:

This permission means that you can execute the file as a program or shell script. The execute permissions allow you to access files in the directory and enter it on a directory.

Selective access can be strictly controlled by granting users different permissions.

Viewing File Permissions:

Write the following command:

$ ls -l

Now you will see the following output.

total 156
drwxrwxr-x  2 amuk amuk  4096 Apr 11 22:02 deja-dup
drwxr-xr-x 14 amuk amuk  4096 Aug 13 07:39 Desktop
drwxr-xr-x  2 amuk amuk  4096 Mar 12 09:34 Documents
drwxr-xr-x  7 amuk amuk  4096 Aug 13 14:28 Downloads
-rw-r--r--  1 amuk amuk  8980 Mar 12 09:28 examples.desktop
drwxrwxr-x 15 amuk amuk  4096 May  8 19:36 Google Drive
-rw-rw-r--  1 amuk amuk  1317 Apr  8 21:23 hr
-rw-rw-r--  1 amuk amuk 93438 Mar 19 11:48 mozilla.pdf
drwxr-xr-x  2 amuk amuk  4096 Mar 12 09:34 Music
drwxr-xr-x  2 amuk amuk  4096 May  1 19:32 Pictures
drwxr-xr-x  2 amuk amuk  4096 Mar 12 09:34 Public
drwxr-xr-x  2 amuk amuk  4096 Mar 12 09:34 Templates
-rw-rw-r--  1 amuk amuk    15 May 22 13:33 test
-rw-rw-r--  1 amuk amuk     6 May 22 13:39 test2
drwxr-xr-x  2 amuk amuk  4096 Mar 12 09:34 Videos

Now you can see the permissions along with other details of the file.

From the first 10 characters that appear at the start of the line, it is possible to see the ownership and permissions of the file. The first character indicates if it is a directory or file:   “d”  means
directory, and   “-”  means file. The next three letters denote the permission that the owner has.

“r”  in the second character means read permission
“w”  in the third character means write permission
“x”  in the fourth character means execute permission
“-”   means the corresponding permission does not exist.
 

You can change permissions of the file by using chmod command. The chmod is followed by a three-digit number used to indicate the permissions required. First digit indicates owner's permission, second digit indicates user group's permission and third digit indicates for all others.

The number coding is as follows:
7: full
6: read and write
5: read and execute
4: read only
3: write and execute
2: write only
1: execute only
0: none

Hence, the following command  will give you access to everyone to the the file named "filename"

$ chmod 777 filename

Following command will give only the owner of the file amuk.txt  permission to view and edit the file. No one else have rights to it.

$ chmod 600 amuk.txt

Thanks for reading