What is chmod?
CHMOD (change mode) is a Unix command that tells the server how much access it can grant to a file (permissions). There are three types of user: owner (you, includes the server), group (a specific group of people) and public (everybody else). Each type of user can have three levels of access: read (can view a file), write (can write and delete a file) and execute (can run a file/program).
You can set the individual permissions for each type of user. For example, you (owner) might want to read, write and execute "database.cgi", but you do not want strangers (public) to be able to update (or destroy) the database! So, we use chmod to set the permissions of the file so that anybody can read and execute (run) the database (assuming it's not secret), but only you can write to the database (i.e., update its contents).
The references (or classes) are used to distinguish the users to whom the permissions apply. They are represented by one or more of the following letters:When setting chmod values, you sometimes see a string of letters like rwxr-xr-x or a three digit number like 755. Both of these examples mean the same thing: the owner can read, write and execute a file, the group can read and execute a file, and the public can read and execute a file.
The string of letters correspond to the names of the file permissions ( r ead, w rite, e x ecute), whereas, each digit in the number sequence represents the sum of permissions for each type of user. That is because each permission has a numerical value: read = 4, write = 2 and execute = 1.
Reference | Class | Description |
---|---|---|
u | user | the owner of the file |
g | group | users who are members of the file's group |
o | others | users who are not the owner of the file or members of the group |
a | all | all three of the above, is the same as ugo |
Octal digit values can be added together to make Symbolic Notations:
(4=r)+(1=x) == (5=r-x)
(4=r)+(2=w) == (6=rw-)
(4=r)+(2=w)+(1=x) == (7=rwx)
Here is a summary showing which octal digits affect permissions for user, group, and other:
So, using our 755 example: the first digit (7) represents the owner, and is the sum of 4+2+1 (the maximum number you can have), which is read, write and execute. The next digit (5) represents the group, and is the sum of 4+1, which is read and execute. The last digit (also 5) represents the public, and is the sum of 4+1, again, read and execute.