1.1.2. File ownership and permissions

Linux/Unix operating systems have the ability to multitask in a manner similar to other operating systems. However, Linux’s major difference from other operating systems is its ability to have multiple users. Linux was designed to allow more than one user to have access to the system at the same time. In order for this multiuser design to work properly, there needs to be a method to protect users from each other. This is where permissions come in to play.

Linux is based on the idea that everyone using a system has their own username and password. Every file belongs to a user and a group, and has a set of given attributes (read, write and executable) for users, groups and others (everybody). A file or folder can have permissions for read and write only for the owner of the file (the user it belongs to) or for the users form a group, so that all other users can't even read the file.

Permissions are the “rights” to act on a file or directory. The basic rights are read, write, and execute.

• Read - a readable permission allows the contents of the file to be viewed. A read permission on a directory allows you to list the contents of a directory.
• Write - a write permission on a file allows you to modify the contents of that file. For a directory, the write permission allows you to edit the contents of a directory (e.g. add/delete files).
• Execute - for a file, the executable permission allows you to run the file and execute a program or script. For a directory, the execute permission allows you to change to a different directory and make it your current working directory. Users usually have a default group, but they may belong to several additional groups.

To view the permissions on a file or directory, issue the command ls -l <directory/file>. Remember to replace the information in the < > with the actual file or directory name.

Example 1. Sample output for the ls -l  command:
     -rw-r--r-- 1 cecmi cecmi 1031 Nov 18 09:22 /home/cecmi/Documents/file

The first ten characters show the access permissions. The first dash (-) indicates the type of file (d for directory, s for special file, and - for a regular file). The next three characters (rw-) define the owner’s permission to the file. In this example, the file owner has read and write permissions only. The next three characters (r–) are the permissions for the members of the same group as the file owner (which in this example is read only). The last three characters (r–) show the permissions for all other users and in this example it is read only.

Example 2. Sample output for the ls -l  command:
     drwxr-xr-x 2 cecmi cecmi 4096 Jan  9 10:11 Documents

where
     drwxr-xr-x are the permissions
     2 is the number of files or directories
     cecmi is the owner
     cecmi is the group
     4096 is the size
     Jan  9 10:11 is the date/time of last access
     Documents is the directory

NOTE: Since a directory itself is a file, any directory will always show 4096 as it’s size. This does not reflect the size of the contents of the directory.

Example 3. Sample output for the ls -l  command:

where
Filename             Description

Desktop              It is a directory with rwx for the owner, rx for the group and rx for others.
Documents        
Downloads           Are directories with rwx for the owner and for the group, and rx for others.
file_read             The file is readable only for the owner.
file_read_write                 The file is readable and writable only for the owner.
file_read_write_execute     The file is readable, writable eand executable only for the owner.
file_rwx_all                       The file is readable, writable eand executable for all/evrybody.