Linux file permissions bible Print


File permissions are an essential part of web hosting, as they prevent private data from being accessed, and prevent your site from being compromised.

Linux uses a specific model to define permissions.

The model uses three user parties, each of which have their own permissions.

The user parties are as follow:

  • Owner
  • Group
  • All users

Each of the above parties can have any combination of Read, Write or Execute permissions.

Typically, the owner will have the most permissions, then the group, then all other users.

Before going into how these are denoted, it's good to understand each of the users.

Owner

The owner is simply the designated user that the file or folder belongs to.

This user's permissions just allow you to view and edit the file on our web servers via your control panel.

Group

In addition to being able to assign an owner to a file, you can also assign a group of users to that file. Any user within this group will then have the privileges that the file's permissions allow that group of users.

Typically, this group will have fewer permissions than the owner, though sometimes they will have elevated permissions over other all others.

All users

This group of users is "everyone else".

Linux permissions allow you to set the permissions for users not already assigned to a file or folder too. These permissions will be the ones that are required for accessing the website on the internet, so anything that should be directly publicly accessible will need at least a read permission!

Denoting permissions

There are two ways that Linux permissions are typically denoted. Either using a three digit code, or by specifying each available permission for each user.

The nine letter denotation

When each available permission for a user is specified, it is in the following format:

rwxrwxrwx

The above example shows permissions where the owner, group and all users have read write and execute permissions.

The first three characters denote the owner's permissions, the middle three denote the group's, and the last three denote the permissions for all users.

As may be implied, 'r' denotes a 'Read' permission, 'w' denotes a 'Write' permission, and 'x' denotes an 'eXecute' permission.

This example is a very insecure one, and not one that our system allows, as the group and all other users should not have write permissions.

If these write permissions are selected for the group or all users on a file/folder in one of our packages, the file/folder will appear highlighted in red in the File Manager, and won't be accessible.

The most liberal permission we grant, as such, can be denoted as follows:

rwxr-x-r-x

The three number code

Each combination of the above letters can also be denoted by a three number code, with each number specifying the permissions for the owner, group, and all users.

The first number denotes the owner, the second denotes the group, and the third denotes everyone else.

Each permission that can be assigned to a user, group, or all users is also assigned a number. These are as follow:

  • 4 read (r)
  • 2 write (w)
  • 1 execute (x)

As such, permissions for each type of user can be numbered from 0 (no permissions) to 7 (full permissions):

  • 7 = 4+2+1 (Read/Write/eXecute or rwx)
  • 6 = 4+2 (Read/Write or rw-)
  • 5 = 4+1 (Read/eXecute or r-x)
  • 4 = 4 (Read or r--)
  • 3 = 2+1 (Write/eXecute or -wx)
  • 2 = 2 (Write or -w-)
  • 1 = 1 (eXecute or --x)

This means that if full read, write and execute permissions are granted for a file or folder (remember, this isn't supported on our servers due to the security risk, but for the sake of this example...), the permissions would be denoted as 777.

The maximum permissions our servers allow are, therefore, 755 permissions (rwxr-xr-x).

Setting your file permissions

It's important to set your permissions to the minimum they need to be set to in order for your site to function correctly.

To assist with this, our web hosting control panel allows has a "Check Site Permission" feature in the "Files" pane, with which you can set thepermissions for each file type to the recommended ones.

If you want to set manual permissions on your files however, you can do this in your web hosting control panel's File Manager.

Just right click the file or folder you want to change the permissions of, and click "Chmod".

Doing this will open up a box in which you can either select the permissions you want to assign to a file or folder using tick boxes, or by specifying the three digit permissions code.

Since you're now an aficionado of Linux permissions, go right ahead and try using the permission codes! If you're ever unsure though, you can always fall back on the tick boxes.


Was this answer helpful?

« Back
Venatour Sports Travel

Encode have continually surpassed themselves in developing our new website. Their patience in learning and understanding what we needed from a website to provide the best service to our customers has been beneficial on so many levels. I would highly recommend them to anyone looking for intelligent solutions to their web, seo or business needs.

Lisa Cooley

Positive: Professionalism, Quality, Responsiveness, Value

Working with Neil is a dream; he's fast, efficient, responsive and full of website knowledge and advice. He won't baffle you with IT over load and will be honest about the best working solution.

Highly recommended!

Ellie Stevenson Author

Positive: Professionalism, Value

Encode and I had a very useful discussion about Wordpress and related issues at no cost to myself. He gave me some very helpful information and answered the questions I had.

I learnt quite a lot! Thank you.

Silvia Boev

Positive: Professionalism, Quality, Responsiveness, Value

I am very excited to work again with Neil. His attention to detail is second to none. I have seen his work in action in the past and he is great. I love his calm approach and his patient guidance to non-tech people like me. I would highly highly reccommend him!

Dr Fuz

Neil is the best! He has sorted out all our business emails and everything runs a great deal better now. Website issues are now a thing of the past as Neil has introduced a maintenance programme to ensure the site is always working optimally and any content changes are actioned pretty much immediately.

Highly recommended!!

H Scott-Brown

'Encode' provided my hosting and domain transfers. They were able to deal with the technicalities of the transfer in a particularly speedy manner, taking all the worry of the transfer, domain issues DNS and nameserver headaches as well as the migration. A couple of emails, and phone call meant it was done smoothly, swiftly and efficiently. All I can say is I'm really please they were recommended to me. Thank you

Spinner