In a typical UNIX-style file listing, a file will be displayed in the following way:
-rwxr-xr-- 1 john staff 40 Jan 1 11:35 name-of.file
The first symbol ("-") represents the type of file. In this case, it is a regular file; directories, for example, have a d there.
The file permissions determine what type of access to that file an authenticated user has.
The permissions are summarized in the following way:
- r stands for read permission;
- w stands for write permission;
- x stands for execute permission.
The permissions are divided into three parts:
The first three characters (rwx) are for owner permissions. The owner of the file (the user john) can read the file, write (modify) it, and execute it in case it is executable.
The next three characters (r-x) are for group permissions. Members of the staff group can read the file and execute it in case it is executable.
The last three characters (r--) are for other (world) permissions. These are the permissions for everyone else on the system. Users other than john who are not members of the staff group can only read the file.
For directories, the permissions have a slightly different meaning.
drwxr-x--- 1 john staff 4096 Jan 1 12:36 data/
Read determines if the user can get a list of the files in the directory;
Write determines if the user can create or delete files in the directory. A point of interest in this case is that if a username has write access to the directory, the user can delete files that are in that directory even if the username has no write permissions for the particular files;
Execute determines if the user can cd into the directory.
In this case, the owner (john) can do just about anything in the directory;
Members of the staff group can list the contents of the directory and browse it;
No one else is allowed access to the directory.
Permissions are also often represented by digits. For example, 755 is the same as rwxr-xr-x.
The permission bits correspond to a certain number: 4 stands for r, 2 for w, 1 for x. The reason for this is that in binary 100 (r--) is 4 in decimal; 10 (or 010, -w-) in binary is 2; and 1 (or 001, --x) in binary is 1 in decimal. This allows for adding the numbers together, which can give a number from 0 to 7 for each of the three parts of the permissions set.