What Is Directory Permissions Of Linux And Unix

Directory permissions use those same flags to indicate who can list files in a directory (r), create and remove files in the directory (w), or cd into or traverse (x) the directory. Carefully consider both the file permissions and the directory permissions to get the desired end result. For example, you can give a user read permission for a file, but the user won't have access to it without also having permission to traverse the directory tree that contains the file.

When setting permissions, the execute flag can be set to upper-case X, which differs from the lower-case x setting. The X permission allows execution only if the target is a directory or if the execute permission has already been set for the user or group. It is useful in the case of handling directory trees recursively.

To modify the permission flags on existing files and directories, use the chmod command ("change mode"). It can be used for individual files or it can be run recursively with the -R option to change permissions for all of the subdirectories and files within a directory.

Every file (and directory) has an owner, an associated Unix group, and a set of permission flags that specify separate read, write, and execute permissions for the "user" (owner), "group", and "other". Group permissions apply to all users who belong to the group associated with the file. "Other" is also sometimes known as "world" permissions, and applies to all users who can login to the system. The command ls -l displays the permissions and associated group for any file. Here is an example of the output of this command:

This is a directory named "private", owned by user elvis and associated with Unix group elvis. The directory has read, write, and execute permissions for the owner, and no permissions for any other user.

This is a directory named "share", owned by user elvis and associated with group bigsci. The owner can read and write the directory; all members of the file group bigsci can list the contents of the directory. Presumably, this directory would contain files that also have "group read" permissions.

This is a directory named "public", owned by user elvis and associated with group bigsci. The owner can read and write the directory; all other users can only read the contents of the directory. A directory such as this would most likely contain files that have "world read" permissions.

PIs and PI Proxies can use the PI Toolbox to adjust permissions in their CFS directories: they can change group permissions, make files and directory group readable or writable, and change ownership of files.

You can protect the files in a directory and its subdirectories by settingrestrictive file permissions on that directory. Note, however, that superuserhas access to all files and directories on the system.

When the setgid permission is applied to a directory,files that were created in this directory belong to the group to which thedirectory belongs. The files do not belong to the group to which the creatingprocess belongs. Any user who has write and execute permissions in the directorycan create a file there. However, the file belongs to the group that ownsthe directory, not to the group that the user belongs to.

When you create a file or directory, you create it with a default setof permissions. The system defaults are open. A text file has 666 permissions,which grants read and write permission to everyone. A directory and an executablefile have 777 permissions, which grants read, write, andexecute permission to everyone. Typically, users override the system defaultsin their /etc/profile file, .cshrc file,or .login file.