Every file in the linux system has an owner and a group.
Then there is everybody else (“the world”).
The short version of permissions shows who can do what with the file in this order: owner, group, world.
The permissions may be represented using either numbers or letters:
| Permission | num | ltr |
|---|---|---|
| read | 4 | r |
| write | 2 | w |
| execute | 1 | x |
| none | 0 | - |
It takes a while to get used to reading, understand, and applying the correct permissions to files so that we allow the right level of access to the owner, the group, and the world.
In the numeric representation, the permissions are added together for each of the interested parties. So, for example, '777' means that the owner can read, write, and execute the file, the group can read, write, and execute the file, and the world can read, write, and execute the file. 4 + 2 + 1 = 7.
666 = everybody can read or write the files, but no one can execute them. 4 + 2 = 6. That is also, for those who have eyes to see, the Number of the Beast, but that's life.
Things look different when using a terminal and listing files:
-rw-r--r-- 1 fred apache 71429 2009-05-26 20:34 catalog.csv -rw-rw-r-- 1 tom apache 408 2009-03-12 21:17 index.html -rwxrwx--- 1 susan apache 4087 2009-03-12 21:17 stars.pl drwxrwxr-x 2 bill joomla 4096 2009-06-15 16:19 test
catalog.csv belongs to fred. He is a member of the apache group. Fred can read or write the file, but the group and the world can only read it. Numeric value of rw-r–r– = 644.
index.htm belongs to fred. He is a member of the apache group. Tom and members of the apache group can read or write the file, but the the world can only read it. Numeric value of rw-rw-r– = 664.
stars.pl belongs to Susan. She is a member of the apache group. Susan and the members of the group can read, write, or execute the file, but the world cannot do anything wit the file. Numeric value of rwxrwx— = 770.
test is a folder (directory) that belongs to bill (that's what the “d” means). Bill is a member of the joomla group. Bill and the other group members can read, write, or execute files in the directory (assuming the included files have the same permissions). The world can read or execute the files but can't write to the directory.