File Permissions

Each file in Unix has an owner - normally the user who creates the file. The file also belongs to a particular group. A group in Unix is a set of users. For instance, all faculty in CSE belong to the group cisfact. Similarly, all CSE graduate students belong to the group cisgrad.
 

Enter the command: groups  The groups command lists the names of the groups that you belong to.

For controlling access to a file, Unix divides all users into three classes :

1. the owner of the file (user)
2. the users who belong to the same group as the file (group)
3. everyone else (other)

Read permission allows users to view the contents of a file and to copy it. Write permission allows users to modify the file. Execute permission allows users to run the file, if it is executable.

The permissions for a file can be listed using the ls -l command. Here's a sample output of such a command:

-rwxr-x--x   1 smith   cisgrad      243 Jun 30  1996 chess

The next nine characters indicate the permissions for the file. Of these, the first 3 denote the permissions for the owner of the file. The next 3 denote the permissions for the group members. The last 3 denote the permissions for everyone else.

In this case, the owner of the file has "r", "w" and "x" permissions, group members have "r" and "x" permissions but no "w" permission and others have only "x" permission. Lookup the ls command for details on the other fields of the output.

In the case of directories, permissions are interpreted in a slightly different way. Read permission allows users to list the contents of the directory. Write permission allows users to create files and sub-directories within the directory and execute permission allows users to search the directory. A file or directory can be accessed using a pathname ONLY if the user has execute (search) permission on all intermediate directories in the path.

File permissions can be manipulated using the chmod command. The chmod command allows you to set, add or remove "r", "w" and "x" permissions. For example, to set the group permission for the file lab1.cpp to "r" and "w", you would use the command:

chmod g=rw lab1.cpp

To allow execute permission for the group, in addition to existing permissions, use the command:

chmod g+x lab1.cpp

To deny write permission to the group, use the command:

chmod g-w lab1.cpp

Changing the permissions for the owner and others is similar. For the owner, use "u" (for user) instead of "g", and for others use "o".
 

Enter the command: chmod o+w /class/sce/bin  Note that the command fails because you are not the owner of the directory. Let us copy all the files in the directory /class/sce/reference/unix/samples to the directory Testdir1. Can you guess the command to do this? Enter the command in the xterm.  Change your working directory to Testdir1.  Once you are in the directory Testdir1, list the contents of the directory using ls -l.  Note that you are the owner of the files that you copied. Let us give "r" and "x" permission to "others" for all files in the current directory.  Enter the command chmod o=rx *  Use ls -l to verify that the permissions have been changed. Since these are dummy files, we might as well give "others" write permission also.  Enter the command chmod o+w *  Use ls -l to verify that the permissions have been changed. Since these are not executable files, let us delete the "x" permissions that we gave earlier.  Enter the command chmod o-x *  We have come to the end of the tutorial now. Let us delete all the dummy files in the directory Testdir1.  Enter the command: rm *  Let us also delete the directory Testdir1. For this, first change to the home directory. Once you are in your home directory, delete the directory Testdir1.

Previous	Table of Contents	Continue