File & Folder Permission
The Unix files access is controlled. There are three types of access (permissions):
- read
- write
- execute
Each file belongs to a specific user and group (ownership). Access to the files is controlled by user, group, and what is called other/everyone permission bits and is usually set using a numerical value.
For example, 644 as permission bit will result in:
Owner/User Group Other/Everyone 644
Each number represents the access level and it can be from 0 to 7.
Different access levels depending on the numbers:
- 0 – no access to the file whatsoever
- 1 – execute permissions only
- 2 – write permissions only
- 3 – write and execute permissions
- 4 – read permissions only
- 5 – read and execute permissions
- 6 – read and write permissions
- 7 – read, write and execute permissions (full permissions)
Thus the above 644 permissions example will look like this:
Owner/User - Read and Write
Group - Read only
Other/Everyone - Read only
You can execute a script to allow everyone to read it but the only one who can write in it is your user. Therefore, you would need to set 755 as permissions:
Owner/User - 7 - Full permissions
Group - 5 - read and execute
Other/Everyone - 5 - read and execute
Changing the permissions to 700 will make the file visible only for your username. No one else and setting it to 444 will allow only the file creator to modify it.
Furthermore, the command you need to execute to actually change the permissions is called ‘chmod’. Its syntax looks like this:
chmod 755 file_name
The above example changes the permissions of the file_name file and sets them to 755.
You can recursively change the permissions of all folders and files using the recursive argument:
chmod -R 755
This will modify the permissions of all files in the current folder and set them to 755.
Now you might wonder what the above user/group values are. These two settings are the actual ownership flags for a file or a folder. Each file has a primary user that owns it and a group assigned to it. To change those values, a special command exists — ‘chown’. Its syntax is:
chown user:group file
For example:
chown user:siteground file_name
The above line will set the owner of the file to ‘user’ and the group to ‘siteground’.
Moreover, changing ownership recursively is also permitted. The flag is -R:
chown -R user:siteground *
For more articles on the topic Security, proceed to our Knowledge Base to find out more.