The topic of this post may seem trivial, but many students do not understand the difference between read, write and execute permissions for file and directory.
For example, what is the point of assigning execute permission to directory? It’s never going to run.
So, in this discussion we are going to clarify all such doubts.
Understanding User, group and Others
A common question that many students ask is why ‘rwx’ is written multiple times, as shown below
drwxrwxrwx 1 baljit baljit 4096 Sep 22 19:59 A
This is because there are three different entities that can access the file/directory and you might want to give different permissions to them. These entities are:
1. user(u) – the owner of the file
2. group(g) – the members of the group to which the file belongs
3. others(o) – all other users who can access the system
So, the owner might want to have different permissions for himself, different permissions for group members and different for others. For example,
drwxrw-r-- 1 baljit baljit 4096 Sep 22 19:59 B
A ‘-‘ means the corresponding permission is not allowed. So, for the above directory B, the permissions are as follows
user – read, write and execute (rwx)
group – read and write (rw-)
others – only read (r–)
Understanding Permissions for File
Read: Read permission for a file means that you can view the contents of a file. View the figure below. You can see initially “read” permission is there for the user and hence we can view the contents using the cat command.
Next, using chmod command, read permission is denied. Then, if you try using the cat command to view the contents, the system throws an error, “Permission denied”
Write: Write permission for a file means that one can modify the contents of the file i.e., either add new content or delete the existing content.
To check how it works follow the same steps as above:
1. try modifying a file having write permission using an editor like nano or vim. You will be able to do so
2. deny write permission to user using chmod command
3. Again try to modify the content. This time it will through an error when you will try to save the file.
Execute: Execute permission for a file means you can run/execute a file. This permission makes sense only to files which can be executed, for example, shell scripts, C language object files (file that you get after compiling a C program) etc. Watch the video below to see a demonstration for the same
Understanding Permissions for Directory
Read: Read permission for the directory means you can view the contents of the directory i.e., files and sub-directories. For example, the figure below shows that when the read permission is denied the user is not able to view the contents of the directory anymore.
Write: Write permission for the directory means you can create or delete files and sub-directories. As demonstrated in the example below, once the write permission is denied to the user, he is not able to create new files. Similarly, the user will also not be able to create new directories or delete files or directories.
Execute: This is the most interesting of all. Execute for a directory means that you can traverse through the directory. For example, let’s suppose you want to view the contents of directory B which is inside A. So yyou can write
$ls A/B
as shown below and its lists the contents of directory B.
Next, deny execute permission on directory A to the user and try executing the ls command again to view contents of directory B. This time the system will throw an error because now the user is not allowed to go through A as the execute permission is not there on A.
Practice Question
Q. Consider the following scenario
| User | Their Groups |
| lucky | lucky, ricardo |
| ricky | ricky, ricardo |
| ether | ether, mercy |
| fred | fred, mercy |
drwxrwxrwx ricky ricardo dir (contains following files) -rw-rw-r-- lucky lucky lf1 -rw-r--rw- lucky ricardo lf2 -rw-rw-r-- ricky ricardo rf1 -rw-r----- ricky ricardo rf2
Q1. Who is the only person who can change the contents of file lf1?
Ans: lucky
Q2. Who can view the contents of lf2 but cannot modify the contents of lf2?
Q3. Can ricky delete the file lf1 and lf2?