โ† Linux Command Line

Permissions and Users

~270 words ยท 2 min read

Who can do what?

Every file has three permission sets โ€” for the owner (user), the group, and everyone else (other). Each set has three flags:

  • r โ€” read
  • w โ€” write (modify or delete)
  • x โ€” execute (run as a program, or enter as a directory)

Reading ls -l

$ ls -l deploy.sh
-rwxr-xr-- 1 chris devs 412 Jul 5 10:00 deploy.sh

The first 10 characters break down as:

-        rwx       r-x       r--
type     owner     group     other
file     rwx       read+exec read only

Changing permissions with chmod

Use octal numbers โ€” one digit each for user, group, other. Each digit is the sum of read (4), write (2), execute (1):

chmod 755 script.sh   # rwxr-xr-x (owner full, others read+exec)
chmod 644 notes.txt   # rw-r--r-- (owner read+write, others read)
chmod 600 secret.key  # rw------- (owner only โ€” for private keys)
A common mistake: chmod 777 gives everyone full access. It's convenient, but it's the most common security hole on a shared server.

Changing ownership

sudo chown alice file.txt       # change owner
sudo chown alice:devs file.txt   # change owner and group

sudo โ€” acting as root

sudo ("superuser do") runs a single command with root privileges. It exists so you don't log in as root โ€” you stay a normal user and elevate only when needed, leaving an audit trail of who ran what.