Post

Unix File Permissions Explained

Posted Updated
By Rupesh Bhandari
3 min read
Unix File Permissions Explained

To chmod or not to chmod 777, that is the question.
— A wise sysadmin at 3 AM

Welcome to the wild world of Unix file permissions — where three letters decide whether your script runs like a charm or ends up throwing a permission denied error that makes you question your career.

In this guide, we break down those cryptic rwxr-xr-- strings, explain who gets to do what with your files, and sprinkle in some terminal humor.

Meet the Trio: Owner, Group, and Others

Every file in Unix is protected by three types of users:

WhoDescription
OwnerThe person who created the file
GroupA team or set of users
OthersEveryone else on the system

Each of these roles can be assigned specific powers — the Unix equivalent of magical abilities — using r, w, and x.

The Three Permissions

SymbolNameWhat It Allows You To Do
rReadView the file contents
wWriteModify or delete the file
xExecuteRun the file as a program or script

So rwx means full control. rw- is like “edit but don’t run”, and r-- is “you can look, but don’t touch.”

The Famous Nine: Understanding rwxr-xr–

Here is how a typical permission string looks:

1

-rwxr-xr–

Here’s what each part means:

PositionCharactersWho?Meaning
1st-File type- = file, d = directory, l = symlink
2nd–4thrwxOwnerRead, write, execute
5th–7thr-xGroupRead, no write, execute
8th–10thr--OthersRead only

So, -rwxr-xr-- means:

  • It’s a file (-)
  • The owner can read, write, and execute
  • The group can read and execute
  • Others can only read

Octal Permissions Cheat Code

Unix uses numbers to represent these permissions:

PermissionBinaryOctal
r1004
w0102
x0011
rwx1117
rw-1106
r--1004

Examples:

  • chmod 755 means rwxr-xr-x
  • chmod 700 means rwx------
  • chmod 644 means rw-r--r--

Common chmod Use Cases

OctalSymbolicDescription
777rwxrwxrwxEveryone can do everything (Nope)
755rwxr-xr-xOwner full, others can run
700rwx------Owner-only access
644rw-r--r--Common for config or HTML files
600rw-------Private data files

Real Life Permission Scenarios (Cheat Table)

CommandPurposeAccess Level
chmod 700 secret.shLock it down — private script or fileOnly owner: read, write, execute
chmod 644 index.htmlPublic read access — for web filesOwner can edit, others can view
chmod 755 public/Public directory with no write accessOwner full, others can run/view
chmod 777 party.txtThe Wild West — full access to allEveryone: read, write, execute
chmod 664 report.txtGroup collaboration — shared editingOwner/group edit, others read
chmod 750 deploy.shExecutable script for your teamGroup can run, only you edit
chmod 644 terms.pdfReadable document served publiclyOwner writes, world reads
chmod 600 diary.txtYour eyes only — maximum privacyOnly owner can read/write
chmod 555 run_me.shNo edits, just executionAll can run, none can edit
chmod 666 config.ymlRead/write by all, but not executableEveryone can edit (handle with care)

Essential Commands Recap

CommandWhat It Does
ls -lView file permissions
chmodChange file permissions
chownChange the file owner
chgrpChange the group associated with file

Visual Reference

flowchart TD
    A[Unix File Permissions] --> B[rwxr-xr--]
    
    B --> C1[Owner: rwx]
    C1 --> D1[Read (r)]
    C1 --> D2[Write (w)]
    C1 --> D3[Execute (x)]
    
    B --> C2[Group: r-x]
    C2 --> D4[Read (r)]
    C2 --> D5[No Write (-)]
    C2 --> D6[Execute (x)]
    
    B --> C3[Others: r--]
    C3 --> D7[Read (r)]
    C3 --> D8[No Write (-)]
    C3 --> D9[No Execute (-)]

Pro Tips

• Do not casually use chmod 777. It’s the nuclear option. • Use groups to manage shared access. • Always verify your umask settings for default file permissions.

References

Operating Systems, Linux, Unix
Permissions chmod
This post is licensed under CC BY 4.0 by the author.