Differences between file and directory permissions – HP NonStop G-Series User Manual
Page 122
The user/owner of a file or directory is generally the person who created it. If you are the owner
of a file, you can change the file permissions with the chmod command, which is described in
“Setting File and Directory Permissions (chmod)” (page 124)
The group specifies the group to which the file belongs. If you are the owner of a file, you can
change the group ID of the file with the chgrp command, which is described in
“Others” are all other users on the system.
You can give each of the three types of users separate permission to read, write, or execute each
of your files and directories. By assigning permissions to read, write, and execute a file or directory,
you can regulate not only who is able to access your files and directories but also how they can
access your files and directories.
The meanings of the three types of permissions differ slightly between ordinary files and directories,
as shown in
Table 18 Differences Between File and Directory Permissions
For a Directory
For a File
Permission
Contents can be read, but not searched.
Normally, r and x are used together.
Contents can be viewed or printed.
r
(read)
Entries can be added or removed.
Contents can be changed or deleted.
w
(write)
Directory can be searched.
File can be used as a program.
x
(execute)
Taken together, all the permissions for a file or directory are called its “permission code.” For
example:
drwxrwxrwx
As
shows, a permission code consists of four parts:
•
The first character in the code shows the file type. A - (hyphen) indicates an ordinary file and
the letter d indicates a directory. Any other character indicates an I/O device.
•
The next three characters show user (owner) permissions in the order r (read), w (write), and
x
(execute).
•
The next three characters show group permissions in the order r, w, and x.
•
The last three characters show permissions for all others in the order r, w, and x.
An s in the owner “execute” position indicates that the set user ID (setuid) bit is set. An s in the
group “execute” position indicates that the set group ID (setgid) bit is set. The setuid and setgid
bits are used to allow programs to access files and processes that would otherwise be unaccessable.
A t in the others “execute” position indicates that the sticky bit is set. When the sticky bit is set for
a directory, only the directory owner can delete the directory or its files, even though other users
have write permission. When the sticky bit is set for a process, that process is retained in the swap
area even when not being executed. The sticky bit is sometimes used for frequently executed
processes.
Note that a hyphen in the permissions for owner, group, or others indicates that the permission
(read, write, or execute) normally holding that position in the code is not granted.
122
Managing Access to Files and Directories