Every Linux user or webmaster has to access and modify files at some point in time. One widespread error while doing so is knowing that you don’t have the required permissions.
Now a quick Google search will tell you to simply chmod permissions to a 777. But what does it mean, and should you really set all permissions to a 777? Read on to find out.
In this article, we’ve covered the following topics; click on any of them to scroll directly to that section of the article.
Also read: How to remove a Directory in Linux?
Linux file permissions explained
All Unix systems, including Linux distros and macOS, have a file control system in place that determines what user has what level of access to a file.
Mostly, there are two parts to this system — classes and permissions. Classes determine what users can access the file in question, and permissions, as you can guess, takes care of what a particular user can do with the given file.
In Linux, there are three classes.
- Owner: This is generally the creator of the file or folder. Any files or folders created in your home directory are owned by you unless stated otherwise.
- Group: This is simply a group of users that share the same permissions and privileges.
- Others: Just about everyone else.
Similarly, there are three different types of permissions that you can assign to a particular user.
- Read: Under this permission, the user can access the file and see its contents but cannot modify it in any way.
- Write: Gives a user permission to modify a file. If you get write access to a directory, you can add or remove files.
- Execute: Mainly used with executable files such as scripts or just about anything you’d need to run/execute.
Keeping in mind these classes and permissions, we can control who has what level of access to a particular file.
Generally, the file owner has all three permissions. However, if you’re not the owner of the file or folder, you’ll have to change the ownership or permissions of your group to get the desired permissions.
Also read: Mint vs Ubuntu: Linux distro comparison
What do the numbers mean?
All files and folders in Linux have 8-bit data that controls the permissions. In its most basic, binary form, this amounts to 000.
Read permission adds 4 bits of data, making the number 100 in binary or ‘4’ in the decimal format. Write permission adds 2 bits of data, making the number 010 or 2 in the decimal format. Similarly, an execute permission adds 1 bit to the data, making the number 001 or 1 in the decimal format.
Now while setting permissions, we add up the numbers to get the desired permissions. Here are the different combinations.
- 0: no permission
- 1: execute
- 2: write
- 3: write and execute
- 4: read
- 5: read and execute
- 6: read and write
- 7: read, write, and execute
So when you’re talking about the 777 permission, the first digit is assigned to the file owner, the second to the group and the third to others. Therefore, a 777 permission means that anyone can read, write or execute the given file.
Some other commonly used file permissions include the following.
- 755: The owner has all the permissions, but the group and everyone else can only read and execute. Web servers most commonly use this.
- 644: Only the owner can read or write the file; everyone else can only read. No one can execute the file.
- 655: The owner can read and write but can’t execute the file. Everyone else is free to read and execute the file, but they can’t modify the file in question
- 777: This permission gives everyone full access to the file. Unless you know what you’re doing, setting this permission isn’t recommended as it can be a potential security threat.
How to set file permissions in Linux?
Setting file permission in Linux is rather easy. All you have to do is use the chmod command followed by the file’s permission number and path.
chmod 755 /etc/bin/file.txt
If you’re setting permissions for a directory, be sure to use the -r flag before the permission number.
chmod -r 755 /etc/lampp/htdocs
Also read: Bash functions explained
Why should you avoid the 777 permission?
Aforementioned, using the 777 permission on a file lets anyone who has access to your system or server read, modify and execute the file. If you set a file to 777 on a web server, an attacker can change the file and execute it to run malicious code on your system,
As you can guess, that’s not ideal. It’s recommended that you use the 644 permission for files and 755 permission for directories when working with servers.
Also read: How to check the list of users in Linux?