Linux Permission Management Basics
Linux permission management is the foundation of system security. In this basics guide, you'll safely learn permission mechanisms, risk avoidance techniques, and chmod basics. We focus on common beginner traps and correct solutions.
Table of Contents
1. Basic Permission Concepts
In Linux, all files and directories have 3 types of users and 3 types of permissions.
User Types
- Owner (u) - File owner
- Group (g) - Group members
- Others (o) - Other users
Permission Types
- Read (r) - Read permission (4)
- Write (w) - Write permission (2)
- Execute (x) - Execute permission (1)
2. ⚠️ Common Beginner Traps and Dangerous Patterns
Learn about dangerous operations beginners often make and common misconceptions in Linux permission management to avoid security risks.
🚨 Most Dangerous: chmod 777 Abuse
NEVER do this operation
❌ Dangerous Examples
$ chmod 777 /var/www/html/ $ chmod -R 777 /home/user/ $ chmod 777 /etc/config.php
This is extremely dangerous! Anyone can read, write, and execute the files.
🔥 Dangers of 777
- Security Breach - Other users can access confidential information
- System Destruction - Unintended modification/deletion of critical files
- Malware Infection - Risk of executing malicious code
- Data Leakage - Unauthorized access to sensitive data
✅ Correct Alternatives
- Web files:
chmod 644(files) /chmod 755(directories) - Config files:
chmod 600(owner-only access) - Executables:
chmod 755orchmod 700 - Log directories:
chmod 750(group read allowed)
🔍 Common Permission Misconceptions
❌ Mistake: "Can't access = chmod 777 fix"
Symptom: Can't open file, getting errors
Wrong Solution: chmod 777 filename
✅ Correct Approach
- Check current permissions:
ls -l filename - Grant minimum necessary permissions:
chmod 644 filename - Verify ownership:
ls -l filename | awk '{print $3 $4}' - Change ownership if needed:
sudo chown user:group filename
❌ Mistake: Misusing Recursive Permission Changes
Dangerous command: chmod -R 777 /
Result: Complete system security breakdown
✅ Correct Method
$ find /var/www/html -type f -exec chmod 644 {} \;
$ find /var/www/html -type d -exec chmod 755 {} \;
Set appropriate permissions separately for files and directories
❌ Mistake: Confusing Execute Permission
Common misconception: "Need execute permission to open files"
✅ Correct Understanding
- Text files: Only read permission (r) needed
- Script execution: Execute permission (x) required
- Directory access: Execute permission (x) required
$ chmod 644 document.txt # Text file $ chmod 755 script.sh # Executable script $ chmod 755 directory/ # Directory
🪤 Specific Traps Beginners Fall Into
Trap 1: Website Won't Display
Problem: "403 Forbidden" error appears
Wrong Solution: chmod -R 777 /var/www/html/
Result: Security vulnerability created!
Correct Solution:
$ sudo find /var/www/html -type d -exec chmod 755 {} \;
$ sudo find /var/www/html -type f -exec chmod 644 {} \;
$ sudo chown -R www-data:www-data /var/www/html/
Trap 2: SSH Private Key Access Denied
Problem: "Permission denied (publickey)" error
Wrong Solution: chmod 777 ~/.ssh/id_rsa
Result: SSH rejects the private key (security feature)
Correct Solution:
$ chmod 700 ~/.ssh/ # Directory $ chmod 600 ~/.ssh/id_rsa # Private key $ chmod 644 ~/.ssh/id_rsa.pub # Public key $ chmod 600 ~/.ssh/config # Config file
Trap 3: Script Won't Execute
Problem: "Permission denied" when running script
Check symptoms: ls -l script.sh → -rw-r--r--
Correct Solution:
$ chmod u+x script.sh # Add execute permission for owner $ chmod 755 script.sh # Or set numerically
3. Reading Permissions
Learn to correctly interpret permission information displayed by ls -l command.
Displaying Permission Information
$ ls -l example.txt -rw-r--r-- 1 user group 1024 Jan 11 10:00 example.txt
Understanding Permissions Through Examples
-rw-r--r--
Regular File
- Owner: Read and write
- Group: Read only
- Others: Read only
Use case: General documents
-rwxr-xr-x
Executable File
- Owner: Read, write, execute
- Group: Read and execute
- Others: Read and execute
Use case: Executable scripts
drwxr-xr-x
Directory
- Owner: Full access
- Group: Browse and navigate
- Others: Browse and navigate
Use case: Public directory
-rw-------
Private File
- Owner: Read and write
- Group: No access
- Others: No access
Use case: Private keys, config files
4. chmod - Changing Permissions
Use chmod (Change Mode) command to modify file or directory permissions.
Symbolic Method
Basic Syntax
chmod [who][operation][permission] file
- who: u (user), g (group), o (others), a (all)
- operation: + (add), - (remove), = (set)
- permission: r (read), w (write), x (execute)
Example: Add execute permission for owner
$ chmod u+x script.sh
Example: Remove write permission from group
$ chmod g-w file.txt
Example: Grant read permission to all users
$ chmod a+r document.pdf
Numeric Method
Commonly Used Permission Settings
$ chmod 755 script.sh # rwxr-xr-x $ chmod 644 file.txt # rw-r--r-- $ chmod 600 private.key # rw------- $ chmod 777 public/ # rwxrwxrwx (DANGEROUS!)
Recursive Changes
Change all files below directory
$ chmod -R 755 /path/to/directory/
🛡️ Safe Permission Changing Tips
1. Always check current permissions
$ ls -l filename
Understand current state before changing
2. Principle of Least Privilege
Grant only minimum necessary permissions
- Read only needed → 644
- Execution also needed → 755
- Private → 600/700
3. Gradual Changes
$ chmod u+x file.sh # Owner only first $ chmod g+x file.sh # Then group if OK
Don't make large changes at once, adjust gradually
🔐 Permission Management Series
- Basics Edition (This Article) - Permission mechanisms, risk avoidance, chmod basics
- Advanced Edition - chown, group management, umask, special permissions
- Practical Edition - Real-world scenarios, troubleshooting, security
This site participates in the Amazon Associates Program, an affiliate advertising program designed to provide means for sites to earn advertising fees by advertising and linking to Amazon.co.jp. Product prices are not affected.
📚 Recommended Books for Permission Management & Security
Carefully selected books to efficiently master Linux permission management and security. Progress from basics to security specialization and practical application.
📚 The New Linux Textbook
Target Level: Beginner to Intermediate
Comprehensive Linux textbook with permission management chapters. Learn file permission mechanisms progressively starting from chmod basics. Perfect for understanding the complete picture of permission management.
📚 Linux Security Standard Textbook
Target Level: Beginner to Intermediate (Security Basics)
Official LPI security textbook. Covers chmod, permissions, file security fundamentals comprehensively. Systematically understand security best practices like "chmod 777 dangers" learned in this article. Well-structured for beginners.
📚 Linux Server Security Complete Guide
Target Level: Intermediate to Advanced (Security Practice)
Practical server security book. Deep dive into detailed permission settings, filesystem security, security auditing. Highly recommended for those who want to learn practical security measures after mastering basic chmod.
📚 Linux for Beginners - Learn While Resolving Questions
Target Level: Beginner (Practical Introduction)
Introduction book learning permission management basics while answering "why?" questions. Like this article, progress from chmod basics step by step. Learn while resolving questions like "why is this permission needed?"
📚 Linux Server Construction & Operation Guide from Zero 2nd Edition
Target Level: Intermediate to Advanced
Practical book using permission management in real work. After mastering basic chmod, learn systematically how to use it in actual server construction and operation. Perfect for those wanting to learn practical permission settings like web server permissions and log file management.
🎉 Master Permission Management Through Practice
After acquiring knowledge from books, solidify your learning by hands-on practice with Penguin Gym Linux exercises. Use chmod, permissions, and security measures in practice to reliably improve your skills.