Affordable Web Hosting with Excellent Customer Support internet connection free month hosting

Understanding File Permissions

Because Unix is a multi-user operating system, it must enforce restrictions on user access to files. This is accomplished by file permissions; each file has a set of permissions that determine who can read it, who can write to it and who can execute it.

User types

Files have permissions specified for three types of users: owner, group, and other. The owner is often the file creator, however ownership may be changed so this is not always the case. The group is the group of users that the file is associated with, and other represents all other users.

The Permissions

Permissions control a user's ability to perform three actions: read, write and execute. Allowing users read access enables them to view the contents of files and directories. Granting write access enables users to modify and delete files and directories. Lastly, granting execute permissions allows files, such as CGI scripts, to be executed, or run, on the server.

Reading File Permissions

Now that you have an understanding of what file permissions are, we'll go over how to read them. There are two ways you can view the permissions of the files and directories in your account, through your FTP client* and through the shell account that all of our *nix accounts come with.

Using Your FTP Client

Upon connecting to your account via an FTP client, you'll see a directory listing such as this:

A directory listing in CuteFTP showing file permissions.

If you connect to your account via SSH and do a list with the long list format switch, you'll a directory listing similar to this:

A directory listing in PuTTY, a Telnet/SSH client, showing file permissions.

The fifth column, titled "Attr", of the FTP window and the first column of the SSH window show the permissions for each file and directory. For example, the permissions for the file index.html are -rw-r--r--.

  • The first character which, in this case is a "-", denotes whether the item is a directory or not. If you look at the top of the listing you will see a directory, the first character of its permission description is a "d".
  • The next three characters specify the owner's permissions for index.html; they indicate that the owner has read and write permission for this file.
  • The second group of three characters describes the permissions for the group. In the case of this file, the group is only allowed to view the file.
  • The last group of characters denotes the permissions any other users have. Again, you can see only read access has been granted for this file.

If you look at the directory list again, you'll see the file has the following permissions: -rwxr-xr-x. Unlike index.html, this file grants every user the ability to execute it. This is essential for this file, which happens to be a Perl script, to function properly.

Changing Permissions

Just as you can view a file or directory's permissions through an FTP or SSH connection to your account, you can also modify permissions through these means.

  • Most FTP clients have a command that allows you to modify the properties or attributes of a file. For example, in CuteFTP, a popular FTP client for Windows, right-clicking on a file on the server allows you to change a file's permissions:

    CuteFTP's Change File Attributes Command

  • To modify the permissions of a file or directory through an SSH connection, you should use the "chmod" command. For example, to grant read and write permission to the owner and read permission to the group and other users, you would type:
    chmod 644 filename.ext

    "644" is a code that defines what permissions you want to grant for each user. The left-most number refers to the settings for owner, the middle number for group and the right-most number for other. Here's a list of the numbers and what they mean:

    7 - Read, write, and execute permissions
    6 - Read and write permissions
    5 - Read and execute permission
    4 - Read permissions
    3 - Write and execute permissions
    2 - Write permissions
    1 - Execute permissions
    0 - No permissions at all

* Note: Not all FTP clients display or allow you to modify the attributes for files and directories.

Related Items