File Access Rights


In Linux systems file access is controlled as follows.

Access is defined by three permissions;

A set of permissions may be designated by a string such as r-- meaning read only, rw- meaning read and write, or --x meaning execute only. These permissions can also be represented in octal, as 4, 6 and 1 respectively. These are binary 100, 110 and 001.

Every file belongs to a user and a group and must have permissions set for;

In Linux commands this is done with a string such as

When a person tries to access a file

Thus one could create a group called "jerks" and use it to deny some people access to a file that was accessible to anybody who was not a member of the group. Of course this is of limited value because it would require the file to belong to the group jerks! Also on most systems a user can remove themselves from a group.
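
The "jerks" trick works because only one class of permissions is ever consulted: the owner's if the user owns the file, otherwise the group's if the user is a member of the file's group, otherwise the others'. The shell function below is an added example, not part of the original page, that models that selection; the name class_perms and the uid/gid numbers are made up for illustration, and root's ability to bypass the check is not modelled.

```shell
#!/bin/sh
# Added example: model of which permission class Linux applies to a caller.
# Usage: class_perms MODE FILE_UID FILE_GID PROC_UID "PROC_GIDS"
# MODE is octal (e.g. 604); PROC_GIDS is a space-separated list of gids.
# Prints the rwx string of the single class that applies.
class_perms() {
    mode=$(( 0$1 ))                          # leading 0 makes the value octal
    fuid=$2; fgid=$3; uid=$4; gids=$5
    if [ "$uid" -eq "$fuid" ]; then
        bits=$(( (mode >> 6) & 7 ))          # owner class, nothing else is checked
    else
        bits=$(( mode & 7 ))                 # others class unless a group matches
        for g in $gids; do
            if [ "$g" -eq "$fgid" ]; then
                bits=$(( (mode >> 3) & 7 ))  # group class, even if weaker than others
                break
            fi
        done
    fi
    r=-; w=-; x=-
    if [ $(( bits & 4 )) -ne 0 ]; then r=r; fi
    if [ $(( bits & 2 )) -ne 0 ]; then w=w; fi
    if [ $(( bits & 1 )) -ne 0 ]; then x=x; fi
    printf '%s%s%s\n' "$r" "$w" "$x"
}

# Constructed sample: file owned by uid 1000, group "jerks" = gid 2000, mode 604.
echo "owner:           $(class_perms 604 1000 2000 1000 '1000')"
echo "member of jerks: $(class_perms 604 1000 2000 1001 '1001 2000')"
echo "everyone else:   $(class_perms 604 1000 2000 1002 '1002')"
# An owner can be locked out of a file that everyone else can use.
echo "owner, mode 077: $(class_perms 077 1000 2000 1000 '1000 2000')"
```

When auditing, a group field with fewer bits than the others field (such as the 0 in 604) is the sign that a file relies on this kind of negative group permission.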

Directory Access

Directories are controlled in the same way but;

Directories also have some other access controls;

By setting the "sticky bit" users can only delete their own files.

TODO what about rename?

The set group ID bit, if set on a directory, forces the group of files created in it to be the directory's group.

Access Commands


Add Execute by User permission;

   chmod u+x <file descriptor>

Assign Read Write Execute permission to User, Read Execute permission to Group, Execute permission to Others;

   chmod 751 <file descriptor>
   chmod u=rwx,g=rx,o=x <file descriptor>

Assign Read only permission to a file for All, that is User, Group and Others;

   chmod a=r <file descriptor>
   chmod a-wx,a+r <file descriptor>
   chmod 444 <file descriptor>


Change the owner of file or files to "root";

   chown root <file descriptor>

Likewise, but also change its group to "staff";

   chown root:staff <file descriptor>

Change the owner of file or files and subfiles to "root";

   chown -hR root <file descriptor>


Change the group of file or files to "staff";

   chgrp staff <file descriptor>

Change the group of file or files and subfiles to "staff";

   chgrp -hR staff <file descriptor>

© Tom de Havas 2011. The information under this section is my own work it may be reproduced without modification but must include this notice.

Users and Groups

Every user;



Information on users is stored in the file;


Groups are defined in the file;


It contains a list of the users that are members of each group.

When you create a file it will be assigned to your primary group. To assign it to another group you must either;

When you switch the system on, if it goes directly to the command prompt, it displays a message which it gets from the file


You can display information for your account with the id command.

The following commands are not simple and need to be looked at before use;