Unix permissions control who can read, write or execute a file. You can limit it to the owner of the file, the group that owns it or the entire world.
For security reasons, files and directories should never be made world-writable.
A Unix file or folder has a single individual owner plus a single group owner. Permissions are set for the owner, the group and everyone. Permissions can be changed by modifying the octal of the file, or by adding or removing a specific permission.
To view current permissions of a file, use either below:
with a program like PuTTY or ssh, then go to the directory where the files are located and enter the command ls -l.
|7||read, write and execute||rwx|
|6||read and write||rw-|
|5||read and execute||r-x|
|3||write and execute||-wx|
To change the permission by octal, determine what permission you want for the file, with 0 being none, 4 read, 2 write and 1 execute, which combine for numbers 0 through 7 (see above). The first number is for the owner, the second for group and the third for other, or everyone.
Therefore, to give the owner and group of a file program.exe read, write, and execute permission, but everyone else no permission, you would use the chmod command as follows:
chmod 770 program.exe
(4+2+1 for owner, 4+2+1 for group and 0 for other)
You can also add or remove a permission. Use u for the owner, g for the group or o for other, then add (+) or subtract (-) a permission (r for read, w for write and x for execute):
chmod u+w filename.ext
would add write permission for the file's owner
chmod o-r filename.ext
would remove read permission for others.
Groups are uniquely named entities for a particular system that can be used to specify file permissions. For example, at UB, there are institutional and AD groups.
Every user may be a member of one or more “groups”, including a “primary group”. Every file belongs to only one user and to only one group.
When a file is created in Unix, its owner is the person who created it. The default group is the primary group of the owner or the group of the directory in which it was created. Changing the group owner of a directory causes all files subsequently created in that directory to be created with the new group.
To change the owner of a group, an owner can issue the chown command:
Using the Recursive flag (-R) causes a change (add, replace or remove) made to any folder to be made to all its subfolders and files.
chmod -R 772 foldername
setuid (set user ID) is a flag in Unix file systems that:
To set setuid:
chmod 4XXX filename
(where XXX are the octal numbers of the permissions you want to set and filename is the name of the file)
setgid (set group ID) is a flag in Unix file systems that:
To set setgid:
chmod 2XXX directory
(where XXX are the octal numbers of the permissions you want to set and directory is the name of the directory)
Sticky bit is a flag for directories in Unix file systems that:
To set sticky bit, use: