Follow

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use
Follow
Facebook Twitter Instagram Youtube
Contact

Linux File Permissions: What Do They Really Do?

Understand Linux file permissions—read, write, execute—and how to manage them using chmod, ls, and stat commands.
byDev Solutions
October 10, 2025
Dramatic thumbnail showing chmod 777 vs chmod 755 in terminal windows with warning icons and a panicked developer to visualize Linux file permissions risks Dramatic thumbnail showing chmod 777 vs chmod 755 in terminal windows with warning icons and a panicked developer to visualize Linux file permissions risks
  • 🔒 Up to 18% of enterprise apps suffer from misconfigured Linux file permissions, affecting reliability.
  • ⚠️ Using chmod 777 is a top cause of unintended access and security breaches in Linux systems.
  • 🧰 Tools like chmod, chown, and find -perm are essential for permission auditing and scripting workflows.
  • 📦 CI/CD pipelines should integrate permission management to prevent deployment failures or leaks.
  • 🧠 SUID, SGID, and the Sticky Bit offer advanced control over user operations and are critical in multi-user systems.

In Linux, file permissions control who can read, write, or run files and directories. This is a key part of both system security and software development. You might be building apps, managing systems, or putting out code with DevOps. But if you ignore Linux file permissions, you can get bugs, broken scripts, or big security risks. So, understanding Linux permissions is not just for system administrators. It is a basic requirement for modern development.

How Linux File Permissions Work

Linux permissions control access to every file and directory. This system has three user types:

  1. User (u) – The file’s individual owner.
  2. Group (g) – A set of users grouped together for shared access.
  3. Others (o) – Everyone not covered by user or group.

Every file and folder on a Linux system has rules about who can see, change, or run it. These rules tell the system how to act when a program tries to get access. By default, this means giving the least amount of access needed.

MEDevel.com: Open-source for Healthcare and Education

Collecting and validating open-source software for healthcare, education, enterprise, development, medical imaging, medical records, and digital pathology.

Visit Medevel

If your script is not running, or if someone cannot open a configuration file, it is likely a Linux permissions problem. Permissions are set for each file or directory. You set them using the chmod command and a few other tools.

Read, Write, Execute: What They Actually Do

The r, w, and x permissions are key to managing Linux access.

  • Read (r)

    • On regular files: Lets you view the content (e.g., with cat or less).
    • On directories: Lets users list the files inside using commands like ls.

  • Write (w)

    • On files: Gives the ability to change or overwrite content.
    • On directories: Users can add, delete, or rename files inside.

  • Execute (x)

    • On files: Lets you run a file as a program or script.
    • On directories: Lets users enter (cd) and look through the contents.

Permissions Table

File Type Permission What It Allows
File r Read content
File w Modify or overwrite
File x Execute as a program/script
Directory r List contents (ls)
Directory w Add/delete entries
Directory x Access the directory or cd into it

Try-it-yourself

touch test.sh
chmod -x test.sh
./test.sh   # You'll get a Permission denied

This example stops the file from running by taking away the execute flag. This flag is needed for shell scripts or any program that can be run.

User, Group, and Others: Understanding Ownership

Each file also has two main owners:

  • User owner (UID) – Usually, the user who made the file.
  • Group owner (GID) – A user group that can share file-level access.

It is important to know how Linux checks for access. When you try to get to a file:

  1. The system checks if you are the user owner.
  2. If not, it checks if you belong to the group.
  3. If both fail, it uses the others permission.

View Ownership with ls -l:

ls -l somefile.txt

Example output:

-rw-r--r-- 1 alice devs 1024 Apr 28 10:00 somefile.txt
  • alice is the user owner.
  • devs is the group.
  • Permissions are read from left to right: user, group, others.

Decoding the File Permission String

You will often see modes like -rwxr-xr--, especially with ls -l. Here is what they mean:

  • First character: Shows the type — - for file, d for directory, l for symlink.
  • Next 9 characters: Permissions are split into three sets of three:
    • User: rwx
    • Group: r-x
    • Others: r--

Breakdown of -rwxr-xr--

Segment Meaning
Regular file
rwx User: full access
r-x Group: read, execute
r– Others: read-only

These three parts together show who can do what. This makes sure only people with the right roles have the access they need.

Using ls and stat to View Permissions

To quickly see file details:

ls -l filename

But if you need more details like inode, size, or permissions as numbers:

stat filename

Example:

touch example.txt
stat example.txt

You will see something like:

Access: 2024-04-28 10:00
Device: 802h Inode: 123456 Mode: 100644 (-rw-r--r--)

Here, 100644 shows the octal permission (more on this next).

Chmod with Numeric and Symbolic Modes

The chmod command is the main tool to change file or directory permissions.

Numeric (Octal) Mode

Permissions correspond to numeric values:

Permission Value
r 4
w 2
x 1

Combine as follows:

  • rwx = 4 + 2 + 1 = 7
  • rw- = 6
  • r-- = 4

Common examples:

chmod 755 myapp.sh    # User: all, Group: read/execute, Others: read/execute
chmod 644 readme.txt  # User: read/write, group/others: read only

Symbolic Mode

This method lets you change permissions by adding or removing them:

  • Add permission: 
    chmod u+x myscript.sh
  • Remove permission: 
    chmod g-w data.csv
  • Set exact mode: 
    chmod o=r file.txt

Symbolic modes are good for scripting and are easy for people to read. They help with fast fixes.

Safely Changing Permissions with Chmod

Be careful when changing permissions, especially in public folders or code:

Common Use Cases

  • Make a script runnable: 
    chmod +x setup.sh
  • Take away group write access: 
    chmod g-w database.cfg
  • Make it strictly read-only: 
    chmod 444 production.config

🛑 Avoid chmod 777 unless you are absolutely sure. This gives every user read, write, and run access. This is a very big security risk.

TechRepublic warns that “Wrong permission settings can create security weak spots, especially when using 777 for directories” (Andrews, 2023).

Special Bits: SUID, SGID, and Sticky Bit

Linux has three more permission flags beyond rwx:

SUID (Set User ID)

  • When put on a runnable file, it runs as the file’s owner, not the user running it.
  • Example: 
    chmod u+s setuid_app

SGID (Set Group ID)

  • Put on directories: new files made inside get the directory’s group.
  • For files: it works like SUID, but for the group.
  • Example: 
    chmod g+s team_dir

Sticky Bit

  • Stops files from being deleted inside a directory by anyone but the file owner.
  • Often used in /tmp.
  • Example: 
    chmod +t /shared/folder

Why Permissions Work Differently on Directories

Permissions like x work in a special way when used on folders compared to files.

Directory-Specific Behavior

Permission Effect
r See filenames
w Add/delete contents
x Enter the directory (cd)

Example:

mkdir secrets
chmod 600 secrets
cd secrets   # Permission denied

Even if you can read it, you cannot enter it (missing the x bit).

Real-World Dev Issues Caused by Permissions

Permission mistakes cause many bugs in production systems. Here are some real examples:

  • Git Clone Fails – No write access in the target folder.
  • Shell Script Does Not Run – Missing run bit.
  • Docker Mount Fails – Container programs cannot get to host file mounts because access is denied.

⚠️ ZDNet reported that 18% of big company applications have wrong Linux file permissions. This makes deployments unstable (Palmer, 2022).

Whether you are coding together or putting things on the cloud, permissions are often the hidden problem.

Graphical vs CLI Permission Tools

For beginners, desktop systems like GNOME or KDE have file managers (Nautilus, Dolphin). These let you:

  • Right-click → Properties → Permissions

This is good for quick changes. But for systems that need to be set up the same way many times, or for remote control, command-line tools are a must-have.

CLI Advantages

  • Fast
  • Can be scripted
  • Exact

For example:

chmod -R g+rw project/

Default Permissions and Umask

Linux uses a default mask. This mask sets the first permissions for new files and folders.

UMASK in Action

The umask takes away permissions from system defaults.

  • Files default: 666
  • Directories default: 777

So, if umask = 022:

  • Files become 644
  • Directories become 755

View and Set Umask

umask           # Show current
umask 077       # Files: 600, Dirs: 700 (tightest)

Change umask settings in .bashrc, .zshrc, or for the whole system through /etc/profile.

Best Practices for Shared Repositories

Working in a team means you need consistent permissions:

  • ✅ Make sure scripts can be run before commits
  • ✅ Make sure permission rules are followed with Git hooks
  • ✅ Avoid committing files that allow global write/run access

Example Post-Commit Hook:

#!/bin/sh
find . -name "*.sh" -exec chmod +x {} \;

Add this in .git/hooks/post-commit to apply it automatically.

CI/CD and Automated Permission Management

Your DevOps pipeline should check Linux file permissions. For example:

  • Docker builds: 
    RUN chmod 600 /app/secret.env
  • Deployment scripts: 
    chmod +x deploy_prod.sh
  • Static analysis or linting:
    • Check for permissions that are too open before pushing code.

These steps protect login details, stop build errors, and keep security safe.

Essential Tools for Permission Fixes

Learn these commands for fixing problems or writing scripts about permissions:

  • ls -l — Basic permission view
  • stat — More file info
  • chmod — Change permissions
  • chown — Change ownership
  • umask — View/set default permissions
  • find -perm — Find risky permission settings

Find Problem Files Recursively:

find . -type f -perm 0777

Turn that into a script that runs during CI builds. This will automatically mark insecure files.

Setting up permissions carefully is a basic part of Linux development. It is easy to forget about permissions. But wrong Linux permissions can quietly bring in bugs, security weak spots, and even ways for attacks to happen (MITRE, 2023). Developers and DevOps people must see permissions as a key part of every system's life. This includes writing code, testing, putting things out, and checking them. Start handling permissions correctly now. This will stop problems later.

Do you need help recalling permission types? Get our printable Linux Permissions Cheat Sheet. Or download our permission checking shell script at Devsolus today.

References

Andrews, C. (2023). Understanding Linux file permissions and how to change them. TechRepublic. https://www.techrepublic.com/article/linux-file-permissions-explained

Palmer, D. (2022). Linux and file systems: Security considerations developers should know. ZDNet. https://www.zdnet.com/article/linux-and-file-systems-security-considerations-developers-should-know

MITRE. (2023). Common Weakness Enumeration: CWE-732 – Incorrect Permission Assignment for Critical Resource. https://cwe.mitre.org/data/definitions/732.html

byDev Solutions
Published
Add a comment

Leave a Reply

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use

Read more

Discover more from Dev solutions

Subscribe now to keep reading and get access to the full archive.

Continue reading