In order to create, access or remove a file, a user must have the appropriate permission right in accordance with the protection mode accompanying the file. If a user types “ls -ls” under shell, the information about the files is shown:

total 4
2 -rwxr-xr--      1    C01                        914 Feb 28 15:23     prog.x
1 drwx------      2    C01                        128 Jan 10 23.16     secret.dir
1 -rw-rw-rw-      1    C01                        12 Jan 12 11:13      test


which stands for :

  • total 4                Total number of 512-byte blocks used by this directory.
  • 2                           Total number of blocks used by this file.
  • -rwxr-xr–        The file type and protection mode.
  • 1                           The number of links to the file or directory.
  • C01                     The owner’s login name
  • 914                      The file size in bytes.
  • Feb 28 15:23    Time of last modification.
  • prog.x                The file name.

As shown above, there are 10 characters describing the file type and protection mode. The first (leftmost) character represents the file type (“-” for ordinary file, “d” for directory file and others for special files). The remaining 9 form the file protection mode. This information is used to protect the accessibility of files within the system. There are 3 permission types for a file:

r : read permission
w : write permission
x : execute permission

These permissions may be granted to three level of users :

u : owner
g : group
o : others

 The owner is the user who created the file. The group signifies any user who has been designated to be in the owner’s group. Others include all other authorized users of the system.  Combining the types of permission codes with the levels of users, we may have the following :

– read/write/execute permission for the owner
– read/write/execute permission for the group
– read/write/execute permission for the others

The 9 character protection code (e.g. rwxr-xr–for prog.x) can be interpreted as three sets of three bits each. The first set (rwx) refers to the owner’s permission; the next (r-x) to permission of others in the owner’s user group; and the last (r–) to all other users. Within each set, the three characters indicate permission to read, write, or execute respectively. Therefore, the file prog.x has the protection setting of:

Owner : can read, write, execute
group : can read, execute only
others : can read only