Access rights - Meaning and change

Aus Gemini-Wiki
Zur Navigation springen Zur Suche springen
Deutsch.png - in German English.png - in English


In Linux every file and folder has three levels of permissions. They apply to

  • Owner
  • Group
  • Others

Each of that levels can be assigned with different permissions. That permissions are

  • r like „read“ to read
  • w like „write“ to write
  • x like „execute“ to execute a file (for folders x means, the folder can be opened.)

With "ls -l" you can see the content of a Linux-folder. On the left side, you see the file-permissions, eg. "rwxrw-r--". You have to read them from the left to the right. The owner is "rwx", the group "rw-" and the others "r--". If at first place is a "d", then it is a directory.

Those permissions can be (octal-) numbers, too. At this case, every digit is for a permission-level. The first for the owner, the second for the group and the third for others.

The digit comes from the approved permissions:

  • r = 4
  • w = 2
  • x = 1

The given permissions just be summed.

Example: If the owner should be able to read, write and execute a file, so you have to add up 4 + 2 + 1 which makes 7. If the group may only read and execute the file, you hav to add up 4 + 1 whis is 5. The others do have no permissions to that file, so it is 0. In this example the permissions are now 750. To set those permissions to a file in linux, use the command chmod.

It results in this structure:

Read Write Execute Read, Write Read, Execute Read, Write, Execute
rwx notation r-- -w- --x rw- r-x rwx
Octal-Numbers 4 2 1 4+2=6 4+1=5 4+2+1=7

Special Rights

There is often also a fourth digit on first place of the number. It sets the attributes "set user ID", "Set group ID" and "sticky".

This attributes are available

  • 4 as the "SUID" (also called "Set User ID" or "Setuid")
  • 2 as the "SGID" (also called"Set Group ID" or "Setgid")
  • 1 as the "Sticky-Bit" (also called "t-Bit")

In Samba, this digit is often 0. The command "man chmod" tells you more about attributes.

With the commands "chown" and "chgrp" you can make owner and groups angry. More about that will tell your the corresponding man-entries.

You can change the permissions with a command-line tool like Telnet.