If there is one aspect that stands out about Linux compared to other systems, such as Windows, it is security. And we are not only talking about vulnerabilities and privacy, but also about the way in which it manages the personal files of its users. Each file and each folder has defined permissions , without which no one can access the file in question. And, if we are learning to use Linux , permissions is one of the aspects that we must know and learn.
The file system that Linux uses is much more advanced, and at the same time simple, than that used by other systems, such as Windows. This is based on specifying whether the owner, user group, or anyone can read, write, or execute the file. Without a doubt, it is a very effective way to keep each user of the system under control, preventing them from accessing the data of others without permission.
It is true that this permission system can seem somewhat complicated. But, below, we explain what it is based on and how we can change these permissions to our liking.
What the “numbers” or “letters” mean in Linux permissions
Permissions in Linux can be reflected with both letters and numbers . Both ways are correct and just as functional. However, the most intuitive are the letters, since they allow us to better understand what permission it is. Numbers are more used by advanced users, being faster to specify.
Each file or folder that we find when listing the contents of a directory will be indicated with a symbol:
- – indicates that it is a file.
- d indicates that it is a directory.
- l indicates that it is a link (shortcut, for example).
And each file or directory has three different permission levels : one for the owner, one for users in the same group as the owner, and one for other users. In turn, each of these levels can have 3 different values depending on the degree of privileges that we specify in the system. These values can be specified by the following letters:
- r – read permission (allows to open, copy, etc).
- w – write permission (allows to modify it, delete it, etc).
- x – execute permission (if it is binary, it allows to execute it).
In this way, we have to choose the permissions (rwx) for each user level (owner, group and others).
For example, suppose we have a file called itigic” on our Linux hard drive. We are going to configure that the owner has full control over it (rwx), the members of the group read only (r–) and the other users have no permission (-). In that case, the permissions would be the following:
| Kind | Owner | Group | Others |
|---|---|---|---|
| Type – | Owner rwx | Group r– | Others — |
How Linux Permissions By Numbers Work
If we don’t like the letters, we can also use the numeric code to change the Linux permissions . This code is nothing more than the value of the binary code according to the permissions that are or are not used. Suppose that each of the permissions occupies a position in binary. In this case, rwx would be equivalent to 111 binary, which in decimal would be 7. r– would be 100 in binary, or what is the same, 4 in decimal. And – would be 000 in binary, 0 in decimal.
Following these guidelines, the permissions in the previous case example would be 740. The first digit corresponds to the owner of the file, the second to the group, and the third to all the others. The numbers of permits that we can find will be the following:
- 0 = –
- 1 = –x
- 2 = -w-
- 3 = -wx
- 4 = r-
- 5 = rx
- 6 = rw-
- 7 = rwx
Some examples of this would be:
| Owner | Group | Others | Outcome | |
|---|---|---|---|---|
| Letter code | Owner rwx | Group r– | Others — | Result rwxr —– |
| Numeric code | Owner 7 | Group 4 | Others 0 | Result 740 |
| — | Owner | Group | Others | Outcome |
| Letter code | Owner r– | Group — | Others — | Result r ——– |
| Numeric code | Owner 4 | Group 0 | Others 0 | Result 400 |
| — | Owner | Group | Others | Outcome |
| Letter code | Owner rx | Group rw- | Others –x | Result r-xrw — x |
| Numeric code | Owner 5 | Group 6 | Others 1 | Result 561 |
Both systems are just as effective, and each has its advantages and disadvantages. While the letters allow us to see the permission level more clearly, the numbers are much simpler, although you have to think a little more.
How to change permissions in Linux
To change the permissions in Linux you need to use the “chmod” command . This command must be accompanied by the new level of privileges that we want to give to the new file or directory, as well as a “+” if what we are going to do is give it that new permission, or a “-” if what we are going to do is remove permissions. We can also change the permissions of “group” and “other users” by adding the parameters “g” and “o” respectively. The owner would be indicated without this parameter, or with a “u”. And if we want to change the permissions to all at once, we can use the “a” parameter.
Starting from a “itigic” file, these are some examples to change the permissions using the letter code:
- chmod + rwx itigic -> add read, write and execute permission to the owner.
- chmod g + rwx itigic -> adds read, write and execute permission to the group of the owner user.
- chmod o + rwx itigic -> add read, write and execute permission to other users.
- chmod -x itigic-> removes execute permission from owner.
- chmod g-wx itigic -> removes the write and execute permissions from the owner user group.
- chmod o-rwx itigic -> removes all permissions from other users.
- chmod a + r -> add read permission to owner, group and other users.
We can also use the numeric code to change the permission level of any file as follows:
- chmod 777 itigic -> rwx permission for owner, group and other users.
- chmod 700 itigic -> rwx permission for owner, and group and users without permission.
- chmod 327 itigic – write and execute permission for owner, write for group and rwx for other users.
To change the privileges to a directory, the commands are the same, with the difference that instead of the file name we will have to specify the directory in question.
Change the owner or group of a file or directory
In addition to changing the permissions of the files or directories, if we have problems we can also change the owner or the group to which any of them belongs.
For example, we can change the group of a file (or directory) using the command “chgrp groupname file” (changing “groupname” by the name of the group we want to add, and “file” by the name of the file or directory that corresponds ).
We can also change who owns any file. To do this, we will use the “chown” command followed by the name of the new owner of the file, and the name of the file or directory on which to make the change.