A file or directory can be owned and shared by an user and in an group, so in *nix, we have three types of permission groups: "owner", "group" and "others".
Others are in general "everyone", and group are a group of users, where an user can belong to many groups. Usually the owner has more permissive permissions than group, and vice versa for group vs others, though often they have the same permissions.
A normal permission is defined by three flags, a read flag, an write flag, and an execute flag. As file extensions doesn't specify if a file is a program or not, there is instead a flag that specifies if an user can execute an file or not.
By counting this flags now, we have 9 flags, which is basically 9 bits in the file table. When visuallized in "ls", the permissions is displayed as following: "-rw-r--r--". This is ten characters, where the first character specifies what kind of file it is (d for direcory for example), after that, each three letter specifies user, group and others. In this example, the string tells us it is an regular file where everyone can read the file, but only the owner can write to it.
For directories, there is a bit difference; for them the execute flag (x) specifies if the user in question can "cd" into the directory. Thus a normal permission string for an directory is "drwxr-xr-x", which means that everyone can read files in the directory, and everyone can read what files exists in the directory, but only the owner can add and remove files in the directory.
Often the permission is mapped to an octal representation, where 1 = execute, 2=write and 4=read, thus the above permission is mapped to 644 and 755.
Generally there is three more flags, which is mostly important, but not often used in everyday user use. There are the setuid (4), setgid(2) and sticky bits (1).
In the ten letter view, these flags are inserted into the other groups, where it maps over the "x" flag. In the owner field, "S" if no x flag and setuid, "s" if x flag and setuid, similar in group field for setgid. In the other field, an "t" and "T" is used for sticky bit.
The sticky bit isn't used much nowadays for regular files, though it is used for directories, which results in that files in the directory can only be removed by the owner of the said file (used for example on the /tmp directory).
To change permission on a file, you can use "chmod":
Relative (write permission to the group):
Code: Select all
chmod g+w file...Code: Select all
chmod 755 file...Code: Select all
chmod 1755 file.../Carl