# CHAPTER 6
Linux File Permissions
1. Introduction
Linux was built from the ground up as a multi-user operating system. In the 1970s, fifty college students would log into a single mainframe simultaneously. If Student A could delete Student B's homework, or if a guest could delete the core operating system files, the machine would be chaotic and useless. To prevent this, Linux enforces an iron-clad security perimeter around every single file and folder using Permissions. In this chapter, we will decode the cryptic -rw-r--r-- string, learn how to mathematically alter permissions using chmod, reassign ownership using chown, and understand the absolute, god-like power of the sudo command.
2. Learning Objectives
By the end of this chapter, you will be able to:
- Read and interpret the 10-character permission string in an ls -l output.
- Define the Owner, Group, and Others (World) permission categories.
- Understand the function of Read (r), Write (w), and Execute (x) access.
- Modify file permissions using numeric (Octal) notation with chmod.
- Change file ownership using the chown command.
- Execute administrative commands using sudo.
3. Decoding the Permission String
When you type ls -l, the far-left column looks like this: -rw-r--r--.
This string has 10 characters.
- Character 1 (File Type): A - means it is a normal file. A d means it is a Directory (folder).
- Characters 2-4 (Owner/User): rw- The person who owns the file can Read and Write it, but not eXecute it.
- Characters 5-7 (Group): r-- People in the assigned group can only Read it.
- Characters 8-10 (Others/World): r-- Everyone else on the internet can only Read it.
The Permissions (rwx):
- r (Read): You can look at the file's contents.
- w (Write): You can modify or delete the file.
- x (Execute): If the file is a script or program, you are allowed to run it.
4. Changing Permissions (chmod)
To change the rules, you use the chmod (Change Mode) command.
Network engineers use Numeric (Octal) Notation because it is mathematically faster.
Every permission is assigned a number:
- Read (r) = 4
- Write (w) = 2
- Execute (x) = 1
You add the numbers together for each category (Owner, Group, Others).
*Example:* You want the Owner to have Read/Write/Execute (4+2+1 = 7). You want the Group to have Read/Execute (4+1 = 5). You want Others to have zero access (0).
The command is: chmod 750 script.sh
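The addition described above, run in reverse, as an added example that is not part of the original chapter: a POSIX shell function that turns an ls -l permission string back into its chmod number. The function names are made up for this example, and it goes slightly beyond the chapter by also handling the setuid, setgid and sticky letters (s, t) that ls can show.

```sh
#!/bin/sh
# Added example, not from the chapter: turn an `ls -l` permission string
# into the octal number chmod expects.

# triad_value "r-x" prints 5. In the last slot, s and t mean "execute plus a
# special bit", so they count as execute here.
triad_value() {
    v=0
    case $1 in r??) v=$((v + 4)) ;; esac
    case $1 in ?w?) v=$((v + 2)) ;; esac
    case $1 in ??[xst]) v=$((v + 1)) ;; esac
    echo "$v"
}

# perm_to_octal "-rwxr-x---" prints 750.
perm_to_octal() {
    # Keep 10 characters; ls may append '.' or '+' (SELinux context, ACL).
    s=$(printf '%s' "$1" | cut -c1-10)
    case $s in
        [-dlbcps][-r][-w][-xsS][-r][-w][-xsS][-r][-w][-xtT]) ;;
        *) echo "not a permission string: $1" >&2; return 1 ;;
    esac
    special=0   # setuid=4, setgid=2, sticky=1 (beyond the chapter's 3 digits)
    case $s in ???[sS]??????) special=$((special + 4)) ;; esac
    case $s in ??????[sS]???) special=$((special + 2)) ;; esac
    case $s in ?????????[tT]) special=$((special + 1)) ;; esac
    o=$(triad_value "$(printf '%s' "$s" | cut -c2-4)")    # Owner
    g=$(triad_value "$(printf '%s' "$s" | cut -c5-7)")    # Group
    w=$(triad_value "$(printf '%s' "$s" | cut -c8-10)")   # Others
    if [ "$special" -gt 0 ]; then echo "$special$o$g$w"; else echo "$o$g$w"; fi
}

# roundtrip MODE: chmod a scratch file to MODE, read the string back from
# ls, and convert it again. The printed number should equal MODE.
roundtrip() {
    f=$(mktemp)
    chmod "$1" "$f"
    str=$(ls -ld "$f" | cut -d' ' -f1)
    rm -f "$f"
    perm_to_octal "$str"
}

perm_to_octal '-rwxr-x---'   # the string that chmod 750 script.sh produces
roundtrip 644
```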
5. Common Numeric Permission Sets
Memorize these three configurations; you will use them daily:
- chmod 777: (rwxrwxrwx) Absolute Danger. Everyone in the world can read, edit, and run this file. Never use this unless troubleshooting in a safe lab.
- chmod 644: (rw-r--r--) The standard permission for web files (HTML, images). The owner can edit it; the public internet can read it.
- chmod 755: (rwxr-xr-x) The standard permission for scripts/programs. The owner can edit and run it; everyone else can only run it.
6. Changing Ownership (chown)
If User A creates a file, they are the Owner. If they want to give the file to User B, changing permissions isn't enough; they must transfer ownership using chown (Change Owner).
7. The Power of sudo (Superuser Do)
In Linux, there is a master administrator account called root. The root user is a god. They bypass all permissions and can delete the entire operating system.
You should never log in directly as root; it is too dangerous.
Instead, you log in as a normal user. When you need to do something dangerous (like install software or edit a system configuration in /etc), you put the word sudo in front of your command.
8. Diagrams/Visual Suggestions
*Visual Concept: The chmod Calculator* Create a visual addition table. Rows: Read (4), Write (2), Execute (1). Columns: Owner, Group, Others. Show how stacking blocks of 4, 2, and 1 equals 7. Show how stacking just 4 and 1 equals 5. This geometric representation makes octal math instantly understandable for visual learners.
9. Best Practices
- The SSH Key Warning: If you create an SSH cryptographic key (a password file) to log into a remote server, the permissions MUST be completely locked down. If you set your private key to chmod 644, the SSH program will explicitly refuse to work, warning you that the file is "too open." Private keys must always be chmod 600 (Only the owner can read/write, no one else can even look at it).
10. Common Mistakes
- Applying 777 to "Fix" Problems: A junior developer writes a web app. The app crashes because it cannot write data to a log folder due to a permission error. The developer types chmod -R 777 /var/www/html/logs to fix the crash. They have just opened the folder to the public internet, allowing any hacker to upload a malicious script and take over the server. Never use 777 as a band-aid. Fix the group ownership instead.
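One way to check a directory tree for the two problems described under Best Practices and Common Mistakes, and to apply the group-based fix, as an added example that is not part of the original chapter. The function names, the scratch tree and the key file-name patterns are assumptions made for the example; the current user's own group stands in for the web server's group.

```sh
#!/bin/sh
# Added example, not from the chapter. The tree below is constructed.

# world_writable DIR: files and directories whose Others triad includes w
# (777, 666, and so on).
world_writable() {
    find "$1" \( -type f -o -type d \) -perm -002 | sort
}

# open_private_keys DIR: likely private keys (matched by name, an assumption)
# with any Group or Others bit set, which is what SSH reports as "too open".
open_private_keys() {
    find "$1" -type f \( -name 'id_*' -o -name '*.pem' -o -name '*.key' \) \
        ! -name '*.pub' \
        \( -perm -040 -o -perm -020 -o -perm -010 \
           -o -perm -004 -o -perm -002 -o -perm -001 \) | sort
}

# share_with_group DIR GROUP: the fix recommended instead of 777. Give the
# folder to the group the application runs as and remove all access for Others.
# X adds execute only to directories (and files that were already executable).
share_with_group() {
    chgrp -R "$2" "$1"
    chmod -R u=rwX,g=rwX,o= "$1"
}

# make_sample_tree: build a scratch tree with both mistakes; prints its path.
make_sample_tree() {
    d=$(mktemp -d)
    mkdir "$d/logs" "$d/.ssh"
    touch "$d/logs/app.log" "$d/.ssh/id_ed25519" "$d/.ssh/id_ed25519.pub"
    chmod 777 "$d/logs"
    chmod 666 "$d/logs/app.log"
    chmod 700 "$d/.ssh"
    chmod 644 "$d/.ssh/id_ed25519" "$d/.ssh/id_ed25519.pub"
    echo "$d"
}

tree=$(make_sample_tree)
world_writable "$tree"        # lists logs and logs/app.log
open_private_keys "$tree"     # lists .ssh/id_ed25519 (the .pub file is fine)
share_with_group "$tree/logs" "$(id -g)"   # stand-in for the web server's group
chmod 600 "$tree/.ssh/id_ed25519"
world_writable "$tree"; open_private_keys "$tree"   # both print nothing now
rm -rf "$tree"
```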
11. Mini Project: Lock Down a Script
- 1. Create a blank file: touch magic.sh.
- 2. Check permissions: ls -l magic.sh. (It will likely be rw-r--r--).
- 3. Try to run it: ./magic.sh. (It will say Permission denied because you lack the x execute bit).
- 4. Fix it using math: Give yourself all rights, but block the world from seeing it. The math is 7 (Owner), 0 (Group), 0 (World).
- 5. Type: chmod 700 magic.sh.
- 6. Run ls -l magic.sh again. Notice how the string changed to -rwx------. You just secured a file!
12. Practice Exercises
- 1. Break down the numeric components of chmod 755. Exactly what rights do the Owner, the Group, and the World possess?
- 2. Explain the security principle behind utilizing the sudo command instead of logging directly into a server using the root account.
13. MCQs with Answers
When viewing an ls -l output, you see the permission string -rwxr--r--. If you wanted to replicate these exact permissions using numeric (octal) notation, what number would you use in the chmod command?
Which Linux command is required to alter the administrative owner of a file or directory?
14. Interview Questions
- Q: A developer complains they are getting a "Permission Denied" error when trying to run a Python script they just created. You verify they are the owner of the file. What specific permission bit is missing, and what exact chmod command would you use to fix it while maintaining security?
- Q: Explain the mathematical calculation behind chmod 644. In a web server environment, why is this the standard permission set for an index.html file?
- Q: What is the difference between chmod and chown? In what scenario would an administrator be forced to use chown?
15. FAQs
Q: What does the d mean at the very beginning of a permission string like drwxr-xr-x?
A: It stands for Directory. It tells you that the item is a folder, not a regular text file or script.
16. Summary
In Chapter 6, we deciphered the core security architecture of the Linux filesystem. We decoded the 10-character permission string, identifying the strict tripartite separation of Owner, Group, and Others. We mastered numeric notation, translating Read (4), Write (2), and Execute (1) into rapid chmod modifications, while firmly rejecting the insecure crutch of chmod 777. We utilized chown to reassign administrative property, and we embraced the sudo command, understanding that controlled, temporary elevation of privileges is the bedrock of professional system administration.