|
Home > The Web at MHC > Setting File Permissions
Setting File Permissions
Unix computers use file permissions to determine which files and directories can be examined, modified, searched, and executed as programs by which users. Each file belongs to a single user (the owner) and to a group (the group). Permissions are set independently for the owner, the group, and everyone else.
Typically, when you create a file, only you (the owner) and (sometimes) the group are given permission to read the file. Our Web server, however, cannot show a file to the world unless everyone is permitted to read it. Therefore, after creating a new file, you must change the file permissions.
- This situation only applies when you create files from a login shell on a Unix host or by transferring the files using ftp. If you are connecting to the server volume using Apple or Microsoft networking software, the permissions should already be set properly for your files.
View Permissions
To see the permissions for all the files and subdirectories in the current directory, enter the ls -l command.
As the illustration above shows, the permissions are listed at the left side of the directory listing. The first letter tells the type of the entry. A hyphen ("-") means a regular file, while a "d" means a directory. There are then three groups of three letters. The three groups are the permissions for, in order, the owner, the group, and everyone else. The three letters in each group represent different permissions. If the first letter is an "r", it means that person has permission to read the file. If the second letter is a "w", it means that the person has permission to write to this file (to change it). If the third letter is an "x", it can mean one of two things. If the entry is a directory, the person has permission to open the directory. If the entry is a file, the person may "execute" the file as a program. In any of the positions, a hyphen ("-") indicates that that person lacks the corresponding permission.
File Permissions
You use the chmod command to change the file permissions of directories and files. Here are some sets of file permissions that you may find yourself using and the chmod commands required to create them:
| Permissions |
Description |
Commands Required |
-rw-r--r-- |
For a file that only you will be editing. It allows everyone to read it, but only you may edit it. |
chmod 644
filename
|
-rw-rw-r-- |
For a file that you and the members of the group will edit. It allows everyone to read it, but only you and the group may edit it. |
chmod 664
filename
|
-rw-rw-rw- |
This one is bad. It allows absolutely anyone on campus to edit your file. Avoid this one at all costs! |
|
drwxr-xr-x |
For a directory in which only you can create and delete files. It allows everyone to find files inside of it, but only you can add files, rename them, or remove them. (In many cases, the owner of a file can remove it regardless of the directory's permissions, but this is a special case.) |
chmod 755
directoryname
|
drwxrwxr-x |
For a directory in which you and the group can create and delete files. It allows everyone to find files inside of it, but only you and the group can add, rename, or remove files. (The same special case applies as for the previous example.) |
chmod 775
directoryname
|
drwxrwxrwx |
This one is bad. It allows absolutely anyone on campus to mess with your files. Avoid this one like the plague! |
|
In the illustration below, we see that the permissions for the file index.html are set incorrectly (upper blue circle). They do not allow everyone to read the file. In addition, I want all the people in the editing group to be able to edit this file. Therefore, I use the command chmod 664 index.html to change the permissions (red circle). Now the permissions are correct (lower blue circle).
What Happens When You Get Permissions Wrong?
If you get your permissions wrong, you will receive an automatic notification of the problem by email. The user will see something like this when trying to access your page:
|
