File and Directory Attributes

File and Directory Attributes
Prev	Chapter 3. Linux Primer	Next

Each file and directory in Linux has a specified set of attributes used for security. Knowing these will help you to track down problems, and understand why a step-by-step instruction guide tells you to use, for example, the chmod command (a common command used in Linux).

First, each file and directory belongs to a user, and to a group. These items are determined during the installation, and then when each user creates a file or directory. Every user belongs to a group, and when a user saves a file, Linux stores that users name, and the group to which that user belongs with the file. Consider the following directory entry:

-rwxr-xr-x 1 sh-httpd adm 5985 Aug 20 18:24 index.html

In this entry, the file index.html belongs to a user called sh-httpd. The file also belongs to the adm group.

When displaying a files attributes (See the section called “Getting Around in the File System” below on how to display a files attributes.), you will see a series of characters that take up the first 10 spaces of each file or subdirectory in that directory (see the above directory entry). The first space tells you what kind of entry this is. A dash means that this is a regular file. A 'd' indicates that this is a directory. An 'l' means that this is a link to another file. The next three characters indicate the permissions of the files owner. An 'r' means the owner can read the file. A 'w' means the owner can write (make changes) to the file. The 'x' means the owner can execute or run the file (if it is a binary application or script file). The next three characters describe the permissions for the group to which this file was assigned. The same three letters are used and they have the same meaning. The last three characters describe the permissions of anyone who is not the files owner, and anyone who does not belong to the group to which this file belongs. Again, the same letters are used, and they have the same meaning. A dash is used if a permission is not allowed. From this, and the permissions in the example output above, we can determine the following:

This is a regular file (not a directory or link to another file).
The files owner, sh-httpd, can read, write, and execute this file.
Members of the adm group can read this file, and execute it (open it in a browser), but not make changes to it.
Anyone who is not in the adm group can read and execute this file, but not make changes to it.