File and Directory Permissions in UNIX

File and directory permissions control the ability of users to view and/or make changes to the files and directories in the file system. In UNIX, there are three types of access modes:

read [r]: User may look at the file or make a copy of it.
write [w]: User may modify or remove the file, or files in a directory.
execute [x]: User may execute the file if it is executable.

Access modes are specified for each file and directory three times, for the following distinct classes:

owner: The owner of the file or directory
group: The group that owns the file or directory
other: The other users who do not own the file or directory or belong to the owning group

For example, in -rwxr-xr-x

The first character indicates the file type, which in this case (-) is a regular file. (Directories are specified with a d.)
rwx indicates that the owner of the file has full (read, write and execute) permissions to the file.
r-x indicates that user group is allowed to read and execute the file.
r-x indicates that other users are allowed to read and execute the file.

File permissions can also be expressed in octal (base-8) notation, which consists of three digits. The first digit specifies the permissions given to the owner of the file, the second digit specifies the permissions for the user group associated with the file, and the last digit specifies the permissions given to all other users.

Table A.1. Permission bits in octal and symbolic notation

Octal notation	Symbolic notation	Meaning
0	`---`	No access
1	`--x`	Execute-only
2	`-w-`	Write-only
3	`-wx`	Write and execute
4	`r--`	Read-only
5	`r-x`	Read and execute
6	`rw-`	Read and write
7	`rwx`	Read, write and execute

For example, 755 (equivalent to -rwxr-xr-x) specifies that the owner of the file has full permissions to the file, and the user group and others are allowed to read and execute the file.

700 (equivalent to -rwx------) specifies that the owner of the file has full permissions to the file, and the user group and others do not have access to the file.

To see the permissions of a file in USS, enter the following:

> ls -l filename

The ls -l command lists files in the long format, showing their file type, permissions, number of hard links, file owner, group, file size, and the date of last modification. If you do not specify a file name, the command lists the information for all the files in your current working directory.