Linux File Permissions

I have been working with Linux more recently and realized my understanding of file permissions was lacking. I summarized it here.

Permission basics

When you run ll in the terminal, you can see permissions for each file.

For example: drwx------ 7 lighthouse lighthouse 4096 Jul 12 12:00 lighthouse

The first letters indicate permission info. In plain terms, they define permissions for me, my group, and others.

Permission checks

Given a file’s permission bits, how do you check whether a user has access?

1. Get the user’s UID/GID. For example, run id and get info for user lighthouse.

   uid=1000(lighthouse) gid=1000(lighthouse) groups=1000(lighthouse)
   

2. Get the file’s UID/GID and permission bits, e.g., the lighthouse directory.

   # Show uid, gid
   ll -n
   drwx------ 7 1000 1000 4096 Jul 16 15:21 lighthouse
   
   # Show owner, group names
   ll
   drwx------ 7 lighthouse lighthouse 4096 Jul 12 12:00 lighthouse
   

3. Permission logic

   • If uid === 0, the user is root and has full permissions.
   • If user uid === file uid, the user is the owner, so use owner rwx.
   • If user is not owner but in the group, use group rwx.
   • Otherwise, use other rwx.

Notes

1. root is special and its UID is fixed.
2. uid === 0 superuser may not be unique.

Example

Even if root is neither owner nor in the same group and the folder has no permissions for others, root can still read/write/execute. This matches the logic above.

Final Thoughts

Learn Linux well. Keep going.

References

• https://superuser.com/questions/626843/does-the-root-account-always-have-uid-gid-0

• https://unix.stackexchange.com/questions/411889/what-does-it-mean-when-a-file-is-owned-by-the-user-root-and-the-group-root