Linux Terminal 101: How to Use Permissions

Permissions exist for Linux computers so more than one person can use a machine at one time and only be allowed to do certain things.

If you've ever had an output that says "permission denied", that means you do not own the file you're trying to change, or you haven't been granted access. Users can own files, or belong to a group that has permission to access files by the owner. The owner of a file can also grant access to everybody AKA the world. Check your identity using the id command. First you see the user ID number, then your primary group ID, and any other groups you belong to. The /etc/passwd file shows the user accounts, while the /etc/group file shows the group information. The /etc/shadow file includes info on the user's password. These files output the information for the id command, and each one is updated when new accounts are created.

How do you tell if you can access a file or not?

For example, type ls -l example.txt. Your answer is in the first 10 characters. The first is the file type, the next 9 are the read, write, and execute permissions for the file's owner, the group, and everybody else. For the file type -, d means a regular file or a directory. l, c, b means a symbolic link, a character special file, or a block special file. A character special file is like a terminal or modem. A block special file is like a hard drive or CD-ROM (data in blocks). R, means you can open and read (files), contents listed (directory), w means you can write to (file), or create files in a (directory), and x means executed (file), or enter a directory.

-rwxr-xr-x means this regular file can be read, write, and executed by the owner, but only read and executed by the group and everybody else. drwxr-x--- means this directory can be entered or files to be created, deleted, or renamed inside the directory by the owner, but the group can only enter it. Everyone else can do nothing.

We're back with changing file modes. If you are the file's owner, you can change the file's permissions with the chmod command. To change using a number scheme (octal representation), you would need to know the following: 0 in octal means 000 in binary means ---, 3 in octal means 011 means -wx, 7 in octal means 111 means rwx, 6 in octal means 110 in binary means rw- and so on.

To change ls -l example.txt so your desired permission output, do this: chmod 600 example.txt. Then type ls -l example.txt and you'll see it changes to -rw-------. The 600 means (6, or 110) rw-, (0, or 000)---, ---. You can also change modes usingsymbolic notation: u for user owner, g for group owner, o for others or world, and a for all. So for example: u-x means owner cannot execute, go=rw means group and others can only read and write. u+x means owner can now execute. So now you know how to use both octal and symbolic notation to work with chmod! This can be done in the GUI as well by right clicking the file or directory.

Had any weird experiences with permissions? Make sure to email me tips@hak5.org with your thoughts. And be sure to check out our sister show, Hak5 for more great stuff just like this. Dont forget to check out our new show Threat Wire, for internet privacy and security news at youtube.com/techfeed. I'll be there, reminding you to trust your technolust.