*nix File Permissions - An Overview

[michaelper22 0]

I was originally going to post this in a reply, but felt it would deviate from the topic.Here's a brief overview of the three numbers in a permission "code":-The first number is for the owner of the file. If you set a file at 600, the owner will have read and write access and everyone else is locked out.-The second number is for the users group (users are placed into groups to get special rights sometimes). Generally you will not give write access to a user's group.-The third number is for the rest of the world, including web users. Setting any value that will allow write access to the world is not smart (aka 666 and 777).Explanation of the permission values:-To get a permission value, you add up certain amounts, depending on what permissions you want:-- 4 is equal to read access-- 2 is equal to write access-- 1 is equal to execute access (or, in the case of a directory's permissions, it equals directory listing access, meaning you can retrieve a listing of all the files in a directory).Let's look at this in a real-world example:We have Joe's web site. He has the web page file home.html, the directory scripts, and the script file contact.php, which is located in scripts://home.html/scripts//scripts/contact.phpWe should set the permisions for each file as follows, for the reason outlined:-home.html: 644 - this will give the file write access to the owner, and read access to the rest of the world.-/scripts/: 755 - this will allow the owner all rights (read, write, listing), and give outsiders everything but write access.-/scripts/contact.php: 755 - this will give the owner full rights, as well as allow the script to execute under any user.This is not an exhaustive guide to *nux file permissions, and don't take me for a Linux system admin. But it will help the average hosting user understand how to give permissions to his site's files.Edit: Please note that if you include a file in a PHP script using the include(), include_once(), or the require equivelants, then you don't need to CHMOD the file that you're including.

Edited November 24, 2006 by michaelper22 (see edit history)

[gameratheart 0]

Simple and to the point. Thanks for posting about this. I know a lot of people don't understand the concept of Permission Changing (or CHMOD as it is commonly known), so this will definately help!

[beeseven 0]

You could throw in some stuff about AFS if you want... it's not too hard but it has its intricacies.

[michaelper22 0]

You're all welcome for this tutorial; but as I mentioned, it was designed to answer a particular question rather than be an actual tutorial.

You could throw in some stuff about AFS if you want... it's not too hard but it has its intricacies.

What exactly is AFS?

[special 0]

Bin there done that, there a site with this even with a permission counter http://ss64.com/bash/chmod.html more eassy

[beeseven 0]

AFS stands for Andrew File System. It's used in some *nix networks (like my school's and probably others). Its permissions are kind of weird, but I guess it's not completely relevant for this tutorial.

[kkrizka 0]

This seems like a nice tutorial for people that just want to know what those numbers mean. But it would also be nice to give more background, maybe at the end or a seperate section, on how those numbers were created. Here is a short summary from what I know.Seach number consists of 3 bits. The first bit is read, second is write and third is execute. Since each bit can be eighter 0 or 1, then 0 means that one dosn't have those permissions and 1 means that he has. Also these numbers are binary, so they can be converted into the decimal number system. So let's look at some examples:r | w | x | in decimal----------------------1| 0 | 0 | 4 <--can read only, just like in your 1| 1 | 0 | 6 <--Can read and modify