File permissions control which users can read a file, make changes to it or execute a file/script/etc. File permissions on a Linux server are always listed in a series of three, meaning that when you look at the permissions of a file, you are looking at the permissions of three different roles.
If you want to skip all of the background information and just see how to change the permissions click here
What are the roles?
User - abbreviated as U, generally the person who created the file.
Group - abbreviated as G, anyone who belongs to the same group to which the file is assigned. Generally, when a file is created, it inherits the same group membership as the default group of the creator.
World/Public - abbreviated as O because it also means "other." This is everyone else who isn't the user or the group.
So, when looking at them, you see the permissions for the user who owns the file, the group that is assigned to the file and everyone else (a.k.a. "world" or public permissions).
What can users access?
Each of the permission sets has three different permission types: Read (r), Write (w) and Execute (x).
Below is a visual representation of a permissions string. The Directory Bit indicates that the item is a folder/directory and not a normal file. A -(dash) indicates a regular file and would look like this: -rwxrwxrwx.
What is the difference between a Directory/Folder and a File?
Files:
Read - Gives access to view the contents
Write - Access to modify the contents
Execute - Ability to execute the file
Folder/Directory:
Read - Access to list the contents of the directory
Write - Gives access to add or remove entries from the directory
Execute - Allows the user to traverse the directory
Note: When working with permissions for directories and folders, it is important to look at the directory as a special file that contains directory entries. Having write access to a directory allows you to add or remove entries, but does not mean you can edit the contents of the entries. You have Read, Write and Execute permissions for a folder/directory and then need separate permissions for the actual files themselves.
Octal Permissions
An easier way to remember and organize permissions is by using Octal Permissions. Each level of access is represented by the numbers 0-7. These eight (octal) digits give the three access levels an assigned number from high to low; read, write, execute. Read is in the 4's column, Write is in the 2's column, Execute is in the 1's column.
Octal Read Write Execute
0 0 0 0
1 0 0 1
2 0 1 0
3 0 1 1
4 1 0 0
5 1 0 1
6 1 1 0
7 1 1 1
Each entity with access (who) is given one of these octal bit-maps in the following order from high to low: User, Group, Other. So each who has a way to represent, in octal, the read, write and execute access for it. Permissions will always start with a 0 followed by three digits (ex. 0777). The digits group together like this: 0UGP where the U is User, G is Group and P is Public/World. So, a permission of 0641 is User=6, Group=4 and Public/World=1.
Changing Permissions
You can change permissions on files and folders within your hosting by accessing your site via SFTP. We are going to be following the instructions for FileZilla in this article. If you are using a different FTP client you may want to review the support documentation for that software.
- Once you access your site via FTP you will want to navigate through to the directory or file whose permissions you wish to change.
- Once there you, will select the file or folder whose permissions you wish to change, right-click and select the option for file permissions.
- Once you select File permissions, you will be given an area where you can adjust those permissions as you see fit.
- Set the permissions and select OK.
- Once complete you will also want to disconnect from FTP.