Siksha Sarovar

Siksha Sarovar (sikshasarovar.com) is a free educational web application that helps students in India learn programming and prepare for academic and competitive exams. The platform offers structured coding courses (C, C++, Python, Java, HTML, CSS, PHP, Power BI, AI, Machine Learning, Data Science), complete university curriculum notes for BCA/MCA students with previous year question papers, Class 10 and Class 12 CBSE/HBSE school notes, and dedicated preparation material for SSC, UPSC, Banking, Railway and other government exams. Browsing the site is completely free and requires no account. Users may optionally sign in with Google solely to save their learning progress, quiz scores and personal preferences across devices.

Privacy Policy | Terms of Service | Contact Siksha Sarovar | About Siksha Sarovar

v4.0.9 · PWA
Siksha Sarovar logo
Siksha Sarovar
Your Learning Universe

Siksha Sarovar is a free e-learning platform for coding courses, BCA university notes and competitive exam preparation. Optional Google sign-in saves your learning progress across devices.

Initializing knowledge base…
Compiling modules 0%

Linux Permission Types & Examining Permissions

Lesson 29 of 31 in the free Operating System & Linux Programming notes on Siksha Sarovar, written by Rohit Jangra.

The Owner / Group / Other Model

Every Linux file has:

  • An owner (user ID) — usually who created it.
  • A group — the file's group ID.
  • A set of permission bits for owner, group, and others.

Three permissions per category: read (r), write (w), execute (x).

Meaning per Object Type

BitRegular fileDirectory
rRead contentsList entries (ls)
wModify contentsAdd/remove/rename entries
xExecute as programTraverse / cd into; access named entry

For directories the x bit is critical — without it you cannot cd in even if you have r.

Reading ls -l

-rwxr-xr-- 1 alice dev 1024 Apr 30 12:00 script.sh

Decoding the first 10 characters:

PosValueMeaning
1-Regular file (d directory, l symlink, c/b device)
2-4rwxOwner can read, write, execute
5-7r-xGroup can read, execute, but not write
8-10r--Others can only read

The number after the type is the link count (1 here). Then owner (alice), group (dev), size, modification time, name.

Special Bits

Beyond rwx for u/g/o, three special bits exist:

  • Setuid (s on owner x) — when an executable runs, the process's effective UID becomes the file's owner. /usr/bin/passwd is a classic setuid-root program.
  • Setgid (s on group x) — sets effective GID; on directories, new files inherit the directory's group.
  • Sticky bit (t on others x) — on directories, only the file owner (or root) can delete entries — used on /tmp.

Examining Permissions

ls -l is the daily tool. Other useful commands:

  • stat file — full metadata in human form.
  • namei -l /path/to/file — walks the path and prints permissions of each component.
  • getfacl file — extended ACLs (when present).
  • id — your UID/GID and supplementary groups.
  • groups user — groups a user belongs to.

Default Permissions and umask

New files are created with mode (0666 & ~umask) and directories with (0777 & ~umask). With umask 022, files become 644 (rw-r--r--) and directories 755 (rwxr-xr-x). Show with umask; set with umask 077 (private).

Worked Example

Suppose /home/alice/private.txt shows -rw-------. User Bob runs cat /home/alice/private.txt:

  1. The kernel checks the path components — Bob needs x on /, /home, /home/alice. If /home/alice is drwx------, Bob is denied at the directory.
  2. Even if Bob could traverse, the file's mode forbids group/others reading.

So privacy comes from the combination of directory-traversal and file-mode permissions.

Summary

  • Three triplets (u/g/o) × three bits (r/w/x) define basic permissions.
  • Directory x bit is required to traverse, separate from r for listing.
  • Special bits (setuid, setgid, sticky) cover privileged execution and shared directories.