CHMOD

CHMOD: Understanding File and Directory Permissions

In Unix-like operating systems (such as Linux and macOS), CHMOD is a command used to change the file or directory permissions. Permissions control who can read, write, or execute a file or directory.

Permission Structure

Permissions are grouped into three categories:

1. User (Owner) – The person who owns the file.
2. Group – Other users in the same group as the file owner.
3. Others (World) – Everyone else (public).

Each category can have one or more of the following permissions:

• Read (r) – View the contents of a file or list files in a directory.
• Write (w) – Modify or delete the file or directory contents.
• Execute (x) – Run the file as a program or access files in a directory.

Numeric Representation of Permissions

Permissions are typically represented as a three-digit number (e.g., 755 or 644), where each digit represents the permissions for the user, group, and others. Each permission is assigned a numerical value:

• Read (r) = 4
• Write (w) = 2
• Execute (x) = 1

The permissions are summed to form a number:

• 7 = Read + Write + Execute (4 + 2 + 1 = 7)
• 6 = Read + Write (4 + 2 = 6)
• 5 = Read + Execute (4 + 1 = 5)
• 4 = Read only (4)
• 3 = Write + Execute (2 + 1 = 3)
• 2 = Write only (2)
• 1 = Execute only (1)
• 0 = No permissions (0)

Common CHMOD Settings

Here are some common CHMOD settings:

How to Configure and Change File/Directory Permissions Using CHMOD

You can change the permissions using the CHMOD command followed by the numeric value or symbolic representation, and the file or directory name.

Using Numeric Mode

chmod 755 filename

This command sets the file permissions to 755, allowing the owner to read, write, and execute the file, while the group and others can only read and execute.

Using Symbolic Mode

In symbolic mode, you can modify permissions using letters (r, w, x) and operators (+, -, =):

• +: Adds a permission.
• -: Removes a permission.
• =: Sets permissions exactly.

For example:

chmod u+rwx,g+rx,o+rx filename

This command sets:

• u+rwx – User can read, write, and execute.
• g+rx – Group can read and execute.
• o+rx – Others can read and execute.

Changing Directory Permissions

To change the permissions of a directory and all its contents (recursively), use the -R flag:

chmod -R 755 directoryname

This command will set permissions for the directory and all its subdirectories/files to 755.

Examples of CHMOD in Practice

1. CHMOD 755 (Common for Executable Files)

chmod 755 script.sh

•  
  • The owner can read, write, and execute the script, while everyone else can only read and execute it.
• CHMOD 644 (Common for Web Files)

chmod 644 index.html

•  
  • The owner can read and write the file, while others can only read it. This is useful for files on web servers.
• CHMOD 777 (Full Permissions for Everyone - Risky)

chmod 777 myfile

•  
  • Full permissions (read, write, execute) are given to everyone. This is not recommended for sensitive files or directories as it can lead to security issues.
• CHMOD 700 (Only User Has Access)

chmod 700 privatefile

1.  
   • Only the owner of the file can read, write, and execute. The group and others have no permissions.

How to View Current Permissions

To view the current permissions of a file or directory, use the ls -l command:

ls -l filename

Output example:

-rwxr-xr-- 1 user group 1234 Oct 1 12:34 filename

• -rwxr-xr--: Indicates the permissions (user: rwx, group: r-x, others: r--).
• 1: Link count (number of hard links).
• user: The owner of the file.
• group: The group associated with the file.

CHMOD Best Practices

• Avoid using 777 for sensitive files or directories, as it gives full control to everyone.
• Use 644 for web files and 755 for scripts and executables.
• For directories that need to be private, use 700.

By understanding and correctly configuring permissions with CHMOD, you can secure files and directories while ensuring proper access for authorized users.