Linux is built on the idea that the same system will be used by different users. With different users accessing the same system, there arises a need for permissions. Think of it like this: you are sharing a hostel room with other people. A few things are common to all, say the table, the chairs, etc. But you still need some personal space (most likely your cupboard in this analogy) where you keep things that are accessible only to you.
The same concept applies to the files on your Linux system. Different users can locate these files, but whether they can read or modify them depends on the permissions they have.
To check the permissions of files in a particular folder, run ls -l in that folder.
You will get something like this as output:
-rw-rw-r-- 1 shivam users 4004 May 8 20:19 CONTRIBUTING.md
Let's understand it backwards, i.e. right to left.
CONTRIBUTING.md: is the name of the file.
May 8 20:19: represents the time this file was last modified/created.
4004: is the size of the file in bytes.
users: is the group of users to which this file belongs.
shivam: is the owner of the file.
1: is the number of files.
Now comes the file permissions.
The leading ‘-’ means it's a file. Had it been a directory, you would have found a ‘d’.
Now, ‘rw’ represents the permissions of the owner. In this case the owner has both read and write permissions.
The second ‘rw’ represents the permissions of the group. Here, as you can see, even the group's users have both read and write permissions (not quite secure, eh?).
Finally the ‘r’ is the permission for everyone else, i.e. they can only read the file and cannot edit it.
Changing the permissions
You can change the permissions of a file using the chmod command.
sudo chmod 0600 CONTRIBUTING.md
Now if you do ls -l, you will get:
-rw------- 1 shivam shivam 4005 May 24 22:47 CONTRIBUTING.md
meaning only the owner has read and write permissions. Others can't even read it.
The different file permissions and their meanings are as follows:
| Value | Meaning |
|-------|---------|
| 777 | (rwxrwxrwx) No restrictions on permissions. Anybody may do anything. Generally not a desirable setting. |
| 755 | (rwxr-xr-x) The file's owner may read, write, and execute the file. All others may read and execute the file. This setting is common for programs that are used by all users. |
| 700 | (rwx------) The file's owner may read, write, and execute the file. Nobody else has any rights. This setting is useful for programs that only the owner may use and must be kept private from others. |
| 666 | (rw-rw-rw-) All users may read and write the file. |
| 644 | (rw-r--r--) The owner may read and write a file, while all others may only read the file. A common setting for data files that everybody may read, but only the owner may change. |
| 600 | (rw-------) The owner may read and write a file. All others have no rights. A common setting for data files that the owner wants to keep private. |
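How the letters in the ls -l output map to the numbers given to chmod, shown as an added example that is not part of the original post. The function names mode_to_octal, loose_write and demo are hypothetical, and the demo works on a temporary file it creates itself.

```shell
#!/bin/sh
# Added example; mode_to_octal, loose_write and demo are hypothetical names.

# Convert the 10-character mode string from `ls -l` (e.g. -rw-rw-r--)
# into the numeric form chmod accepts (e.g. 664). Only r, w and x are handled.
mode_to_octal() {
    perms=$(printf '%s' "$1" | cut -c2-10)      # drop the file-type character
    [ "${#perms}" -eq 9 ] || { echo "bad mode string: $1" >&2; return 1; }
    out=""
    for start in 1 4 7; do                       # owner, group, everyone else
        triplet=$(printf '%s' "$perms" | cut -c"$start"-"$((start + 2))")
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; esac   # read    = 4
        case $triplet in ?w?) digit=$((digit + 2)) ;; esac   # write   = 2
        case $triplet in ??x) digit=$((digit + 1)) ;; esac   # execute = 1
        out="$out$digit"
    done
    printf '%s\n' "$out"
}

# Succeed when the group or everyone else can write to the file,
# i.e. a 'w' in column 6 or 9 of the mode string.
loose_write() {
    case $(printf '%s' "$1" | cut -c6,9) in
        *w*) return 0 ;;
        *)   return 1 ;;
    esac
}

# Reproduce the article's before/after on a throwaway file (constructed
# sample: a temporary CONTRIBUTING.md, not a real project file).
demo() {
    dir=$(mktemp -d) || return 1
    f="$dir/CONTRIBUTING.md"
    : > "$f"
    chmod 664 "$f"
    before=$(ls -l "$f" | cut -c1-10)
    loose_write "$before" && chmod 600 "$f"     # tighten only if needed
    after=$(ls -l "$f" | cut -c1-10)
    rm -rf "$dir"
    echo "$before ($(mode_to_octal "$before")) -> $after ($(mode_to_octal "$after"))"
}

demo
```

Each digit is the sum of read (4), write (2) and execute (1) for the owner, the group and everyone else, in that order.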