The Power of Permissions

Although I learned chmod before I had even interviewed to work at my current position, I didn’t really think much of it until I somehow… em… removed permissions for users to view the website research page I had been editing. Oops. Here’s a simple rundown of users, groups, and permissions in Linux.

Permissions allow you to control the security of your files in Linux. You can see what permissions are attributed to what file with the command ls -l This is particularly relevant in a shared directory. Then you’ll see a HUGE list with a left hand column full of rwxr -xr-x and other junk. These are file permissions, and as root you can change them at will.

There are only three groups (or flags) you need to worry yourself about: YOU or u, the file owner. GROUP MEMBERS or g, and OTHER PEOPLE, or o. You can take the permissions away , or add them +.

There are only three permissions you need to worry about: READ or r, WRITE w, and X-ECUTE, or x. Yes you can set permissions numerically but if you’re reading this for learning purposes I wouldn’t play with that yet. At least with letters you know exactly what is going to happen.

So to change permissions, start with chmod, then start with the letter of the group you want to change permissions for, like group “g”. Then add “+” your permissions. End with the name of the file you’re changing permissions for.Do you want your group to be able to just read your files and not change them? Then your command would be chmod g+r filename

That’s it! Keep in mind, this probably won’t really stick until you break something. This skill would be important to learn particularly if you are on an academic server and want to make sure everyone else can’t view your files. This was learned the hard way when the lab staff discovered this loophole and began commenting in each other’s R code things like “HAHAHA I WAS HERE!” My first attempt to close the gate on this R-code vandalism actually removed the permissions for myself. The solution was to remove permissions for everyone except me: chmod g-rwx, o-rwx filename

An Aside. If you want a really thorough review on this, by all means check out a 37 minute video from “Eli the Computer Guy”