UNIX FILE PERMISSIONS Unix can control file access in a number of ways. There are three levels of permissions for three classes of users. To view the permissions on a file use the ls command with the -l option. Example: C:indyunix:~/public_html/pfind>ls -l total 40 -rw-r--r-- 1 dbewley staff 139 Jun 18 14:14 home.html -rwxr-xr-x 1 dbewley staff 9145 Aug 14 07:06 pfind drwxr-xr-- 2 dbewley staff 512 Aug 15 07:11 tmp The permissions are listed in the first column as a string nine characters precluded by a file type character which we won't cover. Usually the first character will be a dash or a letter d. The dash indicates that this entry is a regular file. A letter d tells us that this entry is a directory. So what does all that other junk mean? Permissions should be thought of in groups of three, for the three classes of user. user group others r w x r w x r w x The three levels of permissions are: r read the file or directory w write to the file or directory x execute the file or list the directory Each of these permissions can be set individually for the three classes of users: u user, the owner of the file or directory g group, members of the group to which the file belongs o other users, everyone else If a permission is not available its position is filled with a dash. Examples: ls -l hform.html -rwx------ 1 dbewley staff 11816 May 9 09:19 slideshow.pl The owner, dbewley has full permissions - read, write, and execute for this file. The group, staff, and everyone else have no permissions. NOTE: Since perl scripts are not compiled the must be read by the perl interpretor each time they are ran. Therefore perl scripts unlike compiled programs must have execute AND read permissions. ls -l pfind.pl -rwxr-x--- 1 dbewley staff 2863 Oct 10 1995 pfind.pl This time the owner has full access while the group staff can read and execute the file. All others have no permissions for this file. ls -l schedule.html -rw-r--r-- 1 dbewley staff 2439 Feb 8 1996 schedule.html This is the normal permission of an HTML file. Everyone can read it, but only the user can modify or delete it. There is no need have execute permission. CHANGING PERMISSIONS The chmod command is used to change permissions on files. The chmod command recognizes the three classes of user as u, g, and o and the three levels of permissions as r, w, and x. It grants and revokes permissions with a + or -. It also will accept a for all three classes of users at once. Use the chmod command to change permissions: chmod Examples: ls -l pfind.pl -rw------- 1 dbewley staff 2863 Oct 10 1995 pfind.pl chmod u+x pfind.pl ls -l pfind.pl -rwx------ 1 dbewley staff 2863 Oct 10 1995 pfind.pl This added execute permission for the owner of pfind.pl. To add these permissions for the group staff and others use go+rx. Remember, users must have at least read and execute permissions to run perl scripts. ls -l pfind.pl -rwx------ 1 dbewley staff 2863 Oct 10 1995 pfind.pl chmod go+rx pfind.pl ls -l pfind.pl -rwxr-xr-x 1 dbewley staff 2863 Oct 10 1995 pfind.pl Now, any user can read and execute pfind.pl. Let's say a serious bug was found in pfind.pl and we don't want it to be executed by anyone. To revoke execute permission for all classes of user use a-x. ls -l pfind.pl -rwxr-xr-x 1 dbewley staff 2863 Oct 10 1995 pfind.pl chmod a-x pfind.pl ls -l pfind.pl -rw-r--r-- 1 dbewley staff 2863 Oct 10 1995 pfind.pl Now, all users can read pfind.pl, but no one can execute it.