Skip to main content

Linux file permissions - what's with the numbers?

Everybody uses commands such as chomd +x "some file", chomd u+x "some file" (for the user only) or chmod 775 "some file"
 
The available options are read (r, or number 6), write (w or number 2) and Execute (x or number1).

Each of these can be applied to user, group or others making sense of 777 type permission commands.

A good explanation can be found here.

With the basic understanding of the Classes and Permissions, let’s delve into it further and see how the “777” or “775” come about.
Every file and folder contain a 8-bit data that control the permissions. At its basic binary form, it will be “000”, which means no permissions of any form is granted. When you set a “Read” permission, it will add 4-bit to the data, making it “100” (in binary format) or a “4” in the usual decimal format. Setting a “Write” permission will add 2-bit to the data, making it “010” and “2” in decimal form. Lastly, setting an “Execute” permission adds 1-bit to the data, which will result in “001”, or “1” in decimal form. In short:
  • Read is equivalent to ‘4’.
  • Write is equivalent to ‘2’.
  • Execute is equivalent to ‘1’
When we want to set permissions, we just add up the number. For example, to set the permissions to read and write, we will use ‘6’ (4 + 2) for the permission. For read, write and execute, we will use ‘7’ (4 + 2 + 1) for the permission. Here’s the different permutation:
0 – no permission
1 – execute
2 – write
3 – write and execute
4 – read
5 – read and execute
6 – read and write
7 – read, write, and execute

Depending on the permissions you want to grant to the file, you just set the number accordingly. What about the 3 digits ‘777’? Well, the first digit is assigned to the Owner, the second digit is assigned to the Group and the third digit is assigned to the Others. So for a file with ‘777’ permission, everyone can read, write and execute the file. Here are some of the commonly used permissions:
  • 755 – This set of permission is commonly used in web server. The owner has all the permissions to read, write and execute. Everyone else can only read and execute, but cannot make changes to the file.
  • 777 – Everyone can read write and execute. In a web server, it is not advisable to set ‘777’ permission for your files and folders as it allows anyone to add malicious code to your server. However, in some cases, you will need to set the 777 permissions before you can upload any file to the server (For example, uploading images in WordPress)
  • 644 – Only the owner can read and write. Everyone else can only read. No one can execute the file.
  • 655 – Only the owner can read and write, but not execute the file. Everyone else can read and execute, but cannot modify the file.

Comments

Post a Comment

Popular posts from this blog

Detaching a process from terminal - exec(), system(), setsid() and nohup

Linux processes are created by fork() and exec(). The very first process of POSIX systems is init and subsequent processes are derived from the init as parent. These subsequent processes are child processes. During forking the parent process copies itself - with all I/O, address space, stack, everything. The only thing that is different is the process ID. The parent and child will have 2 different process IDs. The system() library function uses fork(2) to create a child process that executes the shell command specified in command using execl(3) as follows: execl("/bin/sh", "sh", "-c", command, (char *) 0); system() returns after the command has been completed. system() executes a command specified in command by calling /bin/sh -c command , and returns after the command has been completed. During execution of the command, SIGCHLD will be blocked, and SIGINT and SIGQUIT will be ignored.  system() calls are often made within programs to execut...
Post a Comment
Read more

C++ Callbacks using function pointers vs boost bind +boost function

In C, the most common uses of callbacks are as parameters to library functions like qsort , and as callbacks for Windows functions, etc. For example you might have a library that provides some sorting functions but you want to allow the library user to provide his own sorting function. Since the arguments and the return values do not change depending on the sorting algorithm, this can be facilitated in a convenient manner using function callbacks. Callbacks are also used as event listeners. onMouseClick(), onTerminalInput(), onData(), onConnectionStatus(), onRead() are probably some examples you've already seen in different libraries. The libraries have these callback functions and the users of the library are supposed to implement them. The library has a function pointer to these functions and calls them on their event loop which will invoke the code of the inherited classes of the library user. The implementation of function pointers is simple: they are just "code p...
Post a Comment
Read more

sprintf, snprintf, strcpy, strncpy and sizeof operator

"C library functions such as strcpy (), strcat (), sprintf () and vsprintf () operate on null terminated strings and perform no bounds checking." "snprintf is safer than sprintf" What do these statements really mean? int sprintf ( char * str , const char * format , ... )  int snprintf ( char * s, size_t n, const char * format, ... );  char * strcpy ( char * destination, const char * source ); char * strncpy ( char * destination, const char * source, size_t num );   The usage is something like; char* msg1 = new char[10]; strcpy(msg1, "test"); // 1 char buffer[128]; sprintf(buffer, "%s", msg); //2 strcpy : Copies bytes until it finds a 0-byte in the source code. The string literal "test" has 4 characters and a terminating null character at end, therefore needs 5 characters at least on msg1.  Is this dangerous? Yes, because if the source message is not null terminated it will read until a null character ...
Post a Comment
Read more