5.1 Structure of File Permissions
There are three kinds of permissions that a user can have for a file:
1. permission to read the file. For directories, this means
permission to list the contents of the directory.
2. permission to write to (change) the file. For directories, this
means permission to create and remove files in the directory.
3. permission to execute the file (run it as a program). For
directories, this means permission to access files in the
There are three categories of users who may have different
permissions to perform any of the above operations on a file:
1. the file's owner;
2. other users who are in the file's group;
3. everyone else.
Files are given an owner and group when they are created. Usually
the owner is the current user and the group is the group of the
directory the file is in, but this varies with the operating system, the
file system the file is created on, and the way the file is created.
You can change the owner and group of a file by using the `chown' and
In addition to the three sets of three permissions listed above, a
file's permissions have three special components, which affect only
executable files (programs) and, on some systems, directories:
1. Set the process's effective user ID to that of the file upon
execution (called the "setuid bit"). No effect on directories.
2. Set the process's effective group ID to that of the file upon
execution (called the "setgid bit"). For directories on some
systems, put files created in the directory into the same group as
the directory, no matter what group the user who creates them is
3. prevent users from removing or renaming a file in a directory
unless they own the file or the directory; this is called the
"restricted deletion flag" for the directory. For regular files
on some systems, save the program's text image on the swap device
so it will load more quickly when run; this is called the "sticky
In addition to the permissions listed above, there may be file
attributes specific to the file system, e.g: access control lists
(ACLs), whether a file is compressed, whether a file can be modified
(immutability), whether a file can be dumped. These are usually set
using programs specific to the file system. For example:
On GNU and GNU/Linux the file permissions ("attributes") specific
to the ext2 file system are set using `chattr'.
On FreeBSD the file permissions ("flags") specific to the FFS file
system are set using `chrflags'.
Although a file's permission "bits" allow an operation on that file,
that operation may still fail, because:
* the file-system-specific permissions do not permit it;
* the file system is mounted as read-only.
For example, if the immutable attribute is set on a file, it cannot
be modified, regardless of the fact that you may have just run `chmod
automatically generated by info2www version 22.214.171.124