Have you ever wondered about those letters that turn up on the left of a long listing (ls -l) report? Here's an example:

drwxrwxrwt   8 root    wheel    272 17 Nov  2007 Shared
drwxr-xr-x  14 chris   ellis    476 29 Sep  2007 chrise
drwxr-xr-x 270 graham  ellis   9180 23 Nov 07:25 grahame
drwxr-xr-x  34 lisa    ellis   1156 27 Sep 06:44 lisae
drwxr-xr-x  29 trainee trainee  986  5 Sep 03:55 trainee
-rw-rw-r--   1 graham  ellis    294 23 Nov 07:41 uu
-rw-r-----   1 graham  ellis    922 21 Nov 08:45 wb
-rw-------   1 graham  ellis   5143 23 Nov 07:25 xx

They're split into two sections.

The first character is the type of symbol (ls literally means "list symbols") with d for directory, - for a plain file, l for a symbolic link - call it a short cut if you're from a Windows background.

The rest is displayed as 3 sets of three. The first group of three tells you what permissions the user (owner of a file or directory) has over it - that's r for readable, w for writable and x for executable. The second group of three is the permissions thank anyone else in the group has, and the final set of three is for otheirs.

The chmod command lets you change the settings - for example
  chmod g+w,o=r wb
would change
  -rw-r----x 1 graham ellis 922 21 Nov 08:45 wb
into
  -rw-rw-r-- 1 graham ellis 922 21 Nov 08:45 wb

If you wonder why a directory is often marked with an "x" ... I can tell you. It's because "x" means 'accessible' and not 'executable' for a directory - so you need to have the x set for things like cd and ls -l to work properly.

And did you notice the "t" in my top sample. There really should be 12 (and not 9) permission letters ... it should read sstrwxrwxrwx. But those extra letters, where necessary, are displayed "on top of" the "x":



What do they mean?

The two "s" letters stand for "set user id" and "set group id". Normally, when you run a program you're running it with your own permissions, but if the "s" bit is set you run it with the permissions of the owner of the file. If you want an example of a practical use of this, take the password changing program /bin/passwd; regular users cannot be allowed to directly read and write the file of passwords on their computer, but they can write back to it via the direct control of the passwd program. It is dangerous to set the s bit on a program of your own unless you are an expert, know what you are doing, and have considered the security implications!

The letter "t" usually turns up on directories rather than plain files these days, and indicates that the directory is to be an "append" directory. With a regular directory which has public write permissions (such as the one called Shared in my example at the top), anyone can create and delete ANY files there. With the "append" bit set, each file within the directory can ONLY be deleted by the owner of the file, the owner of the directory, and root. The effect of the "t" bit, then, is to provide a temporary / scratch area that anyone can use, without the different users of the area being able to interfere with each other.
(written 2008-11-23 08:16:18)

 A101 - Web Application Deployment - Linux -An Introduction For Users
A161 - Web Application Deployment - Users and Groups

Back to XML, HTML, XHTML and more

Previous and next or Horse's mouth home

Forward to daemons - what is running on my Linux server?

Long, Longer, Longest in Java
A Gold Star for First Great Western Customer Service
Ruby, Perl, Linux, MySQL - some training notes
daemons - what is running on my Linux server?
sstrwxrwxrwx - Unix and Linux file permissions
XML, HTML, XHTML and more
Table Topics
Virtual Hosting under Tomcat - an example
Every cloud has a silver lining
Keeping on an even keel