In the world of Linux, where multi-user systems and server security are foundational principles, understanding file permissions and ownership is crucial. Whether you're a beginner exploring your first Linux distribution or a seasoned system administrator managing critical servers, knowing how permissions work is key to ensuring the integrity, privacy, and functionality of your system.

This guide will take you deep into the core of Linux file permissions and ownership—what they are, how they work, how to modify them, and why they matter.

Why File Permissions and Ownership Matter in Linux

Linux is built from the ground up as a multi-user operating system. This means:

• Multiple users can operate on the same system simultaneously.

• Different users have different levels of access and control.

Without a permissions system, there would be no way to protect files from unauthorized access, modification, or deletion. File permissions and ownership form the first layer of defense against accidental or malicious activity.

Linux Permission Basics: Read, Write, Execute

Each file and directory in Linux has three basic types of permissions:

• Read (r) – Permission to view the contents of a file or list the contents of a directory.

• Write (w) – Permission to modify a file or create, rename, or delete files within a directory.

• Execute (x) – For files, allows execution as a program or script. For directories, allows entering the directory (cd).

Permission Categories: User, Group, Others

Permissions are assigned to three distinct sets of users:

• User (u) – The file's owner.

• Group (g) – A group associated with the file.

• Others (o) – Everyone else.

So for every file or directory, Linux evaluates nine permission bits, forming three sets of rwx, like so:

rwxr-xr--

This breakdown means:

• rwx for the owner

• r-x for the group

• r-- for others

Understanding the Permission String

When you list files with ls -l, you’ll see something like this:

-rwxr-xr-- 1 alice developers 4096 Apr 4 14:00 script.sh

Let’s dissect it:

• - – Regular file (other values include d for directory, l for symbolic link, etc.)

• rwx – Owner (alice) has read, write, and execute permissions

• r-x – Group (developers) has read and execute permissions

• r-- – Others can only read the file

• 1 – Number of hard links

• alice – Owner

• developers – Group

• 4096 – File size in bytes

• Apr 4 14:00 – Last modification date

• script.sh – File name

File Ownership: User and Group

Every file and directory in Linux is associated with:

• An owner (a user)

• A group

When a user creates a file:

• They become the owner by default.

• The file is assigned to the user's primary group.

You can view ownership details using:

ls -l filename

To check group membership:

groups username

Changing Permissions with chmod

To change permissions, Linux uses the chmod command in two modes:

Symbolic Mode

This mode uses letters and symbols:

• u = user (owner)

• g = group

• o = others

• a = all

Operators:

• + = add permission

• - = remove permission

• = = assign exact permission

Examples:

chmod u+x script.sh # Add execute to owner chmod g-w file.txt # Remove write from group chmod o=r file.txt # Set read-only for others

Numeric Mode

This mode uses octal values to represent permission bits:

Permission	Value
Read (r)	4
Write (w)	2
Execute (x)	1

You sum these for each category:

• 7 = rwx

• 6 = rw-

• 5 = r-x

• 4 = r--

Example:

chmod 755 script.sh

Means:

• Owner: 7 = rwx

• Group: 5 = r-x

• Others: 5 = r-x

Changing Ownership with chown and chgrp

To change the owner and group of a file:

chown newuser:newgroup filename

Change only the owner:

chown newuser filename

Change only the group:

chgrp newgroup filename

Example:

chown alice:staff report.txt

Sets alice as the owner and staff as the group.

Special Permission Bits

In addition to the standard rwx permissions, Linux includes three special permission bits:

Setuid (Set User ID)

• Applies to executable files

• Runs the program with the permissions of the file owner, not the user who runs it

chmod u+s filename

Example permission string: -rwsr-xr-x

Setgid (Set Group ID)

• On files: similar to Setuid, but uses group permissions.

• On directories: new files inherit the group of the directory.

chmod g+s dirname

Sticky Bit

• Applies to directories

• Only the file owner can delete files within the directory, even if others have write access.

Common on shared directories like /tmp.

chmod +t /shared

Permission string: drwxrwxrwt

Viewing Detailed File Information

Two common ways to view permissions and ownership:

ls -l

ls -l filename

Shows basic file type, permissions, owner, group, and size.

stat

stat filename

Displays:

• File type

• Access rights

• Owner and group

• Inode and link count

• Timestamps

Example output:

File: script.sh Size: 2048 Blocks: 8 IO Block: 4096 regular file Device: 802h/2050d Inode: 131072 Links: 1 Access: 2025-04-04 14:00:00.000000000 +0000 Modify: 2025-04-04 13:45:00.000000000 +0000 Change: 2025-04-04 13:50:00.000000000 +0000 Birth: -

Best Practices for Managing Permissions

• Use the principle of least privilege – grant only the necessary permissions.

• Avoid using chmod 777 unless absolutely necessary—it makes files writable and executable by everyone.

• Use groups to manage shared access to directories or files.

• Regularly audit permissions using tools like find or acl.

Example to find world-writable files:

find / -type f -perm -o+w

Advanced Tip: Access Control Lists (ACLs)

Standard permissions are sometimes not enough. ACLs allow more fine-grained access control.

Enable and view ACLs with:

getfacl filename setfacl -m u:bob:rw filename

This gives user bob read/write access to filename even if he’s not the owner or in the group.

Conclusion

Linux file permissions and ownership are not just a dry technical concept—they’re the foundation of system security and multi-user cooperation. Whether you're setting up a simple script or managing a production server, understanding and applying these concepts correctly ensures safety, control, and peace of mind.

Take the time to practice:

• Create files and change their permissions

• Test ownership with different users

• Use tools like ls, chmod, chown, and stat

Once you master these tools, you'll unlock a much deeper level of control over your Linux system.