How to manage file permissions with Chmod and Chown

One of the more important aspects of using Linux would be to secure your files. Especially from other users who may also be using your computer/server. Also an attack may take advantage of a user’s folders that may have permission to execute a file from within. Luckily, managing file permissions is as easy as 1-2-3 within Linux thanks to Chmod and Chown.

Chmod

Most Linux distributions use a program called Chmod to manage read, write, and execute permissions for files/folders. This program is located in the /bin/ folder. Permissions are organized through the use of numbers to dictate permissions for each subset of users and groups. Something like this:

Users  Groups  Public
[]     []      []  Read
[]     []      []  Write
[]     []      []  Execute

We can allow users/groups/and everyone to read/write to certain files and folders through the use of numbers. For example:

sudo chmod 600 /home/$USER/file.txt

We have just changed the following permissions for file.txt:

Users  Groups  Public
[x]     []      []  Read
[x]     []      []  Write
[]      []      []  Execute

Now the current owner of file.txt can read and write to it. Maybe we wrote a script in our file and want to run it. We can do either of the following:

sudo chmod +x /home/$USER/file.txt

This command will give execute permissions to everyone, which is not recommended for security reasons. A better way would be to do it like this:

sudo chmod 700 /home/$USER/file.txt

This will give the current user tied to the file full read/write/execute permissions. If you want to do that, but give the group tied to the file as well access to read and write, then you would use 760 instead.

While you can do 777 as well, again it poses a security risk because you are also giving full access to all users on the Linux system. You should only be using this permission set to diagnose an issue with certain software temporarily.

You can make it so that only the user that is currently logged in has access:

sudo chmod og-rwx /home/$USER/file.txt

This makes it easy to protect all of your files from unauthorized access.

Chown

Chmod is not the only one in town. Chown also plays a role regarding permissions by dictating what user and/or group has ownership of the file. You can also find it in the /bin/ folder. In order to find out what permissions a file/folder has, you can do sudo dir -l | grep file.txt.

Chmod and Chown

The file is displayed, along with the currently applied permissions to it. You will also notice the ownership of the file by user and group. These play an important role in defining permissions through Chmod.

You can change who owns a particular file/folder by running the following command:

sudo chown user:group /home/$USER/file.txt

In order to change all files/folders within at the same time, you can also do this:

sudo chown user:group -R /home/$USER/

The -R refers to changes made recursively to everything within your user folder. This can be used with both Chmod and Chown.