Remember the reference to the shorthand method of chmod? Here is another way to change permissions; it may seem a little complex at first.
Go back to the original permissions for sneakers.txt (type ls -l sneakers.txt).
-rw-rw-r-- 1 newuser newuser 150 Mar 19 08:08 sneakers.txt
Each permission setting can be represented by a numerical value:
- r = 4
- w = 2
- x = 1
- – = 0
When these values are added together, the total is used to set specific permissions.
For sneakers.txt, here are the numerical permissions settings:
- (rw-) (rw-) (r--) | | | 4+2+0 4+2+0 4+0+0
The total for the user is six, the total for the group is six and the total for others is four. The permissions setting, then, is read as 664.
If you want to change sneakers.txt so those in your group will not have write access, but can still read the file (as shown in Figure 10-16), remove the access by subtracting 2 from that set of numbers.
The numerical values, then, would become six, four, and four — or 644.
chmod 644 sneakers.txt
Check the changes by listing the file (ls -l sneakers.txt):
-rw-r--r-- 1 newuser newuser 150 Mar 19 08:08 sneakers.txt
Now, neither the group nor others have write permission to sneakers.txt. To return the group’s write access for the file, add the value of w (2) to the second set of permissions.
chmod 664 sneakers.txt
|Beware 666 and 777|
|Setting permissions to 666 or 777 will allow everyone to read and write to a file or directory. These permissions could allow tampering with sensitive files, so in general, it is not a good idea to use these settings.|
Here is a list of some common settings, numerical values and their meanings:
- -rw------- (600) — Only the owner has read and write permissions.
- -rw-r--r-- (644) — Only the owner has read and write permissions; the group and others can read only.
- -rwx------ (700) — Only the owner has read, write and execute permissions.
- -rwxr-xr-x (755) — The owner has read, write and execute permissions; the group and others can only read and execute.
- -rwx--x--x (711) — The owner has read, write and execute permissions; the group and others can only execute.
- -rw-rw-rw- (666) — Everyone can read and write to the file. (Be careful with these permissions.)
- -rwxrwxrwx (777) — Everyone can read, write and execute. (Again, this permissions setting can be hazardous.)
Here are some common settings for directories:
- drwx------ (700) — Only the user can read, write in this directory.
- drwxr-xr-x (755) — Everyone can read the directory, but its contents can only be changed by the user.