Unix/Linux permissions operate on much simpler methodology than Windows does, but as a result when you’re trying to figure out how they work it can feel like you’ve been hit by a slice of lemon wrapped around a large gold brick: It should be simple, but the way you’re used to is incompatible with what you are trying to do so it makes your brain hurt. Linux permissions are normally visible using the following scale: d | rwx | rwx | rwx. This stretch of characters actually represents four distinct sections of binary switches- directory, owner, group, other. The first value (d)- asks ‘is this a directory’, while the next group (rwx) represents what permissions the owner of the file has- read (r), write (w), and execute (x). The next set of values (rwx), represent what members of the group can do for the same permissions- read, write and execute. The final set (rwx), say what everybody else can do for those same permissions. Fairly straightforward, but where do the 755 and 644 values come into play? These actually are the real-world simplified values the permission scale listed above. For example, when reading permissions with the value of drwxr-xr-x, it would mean that it is a directory, the owner has full permissions, and while everybody else can read and execute, nobody else can write to it. So if we were to look at this as a basic yes/no (1/0) system, we would see something like this:
rwx | rwx | rwx |
111 | 101 | 101 |
So now we have binary values for each of these fields- 1 for yes, 0 for no. Now what do we do with them? We can actually calculate out the values based on what we see here, based on binary.
0000 = 0
0001 = 1
0010 = 2
0011 = 3
0100 = 4
0101 = 5
0110 = 6
0111 = 7
rwx | rwx | rwx |
111 | 101 | 101 |
7 | 5 | 5 |
This would give us 755 as shorthand for owner read, write and execute, and everybody else is read and execute. Let’s try this again with the 644 values. Let’s work out the following string: rw-r–r–:
rwx | rwx | rwx |
110 | 100 | 100 |
6 | 4 | 4 |
This would give us 644 as shorthand for owner read and write, with everybody else read-only.