The Ultimate Crash Course on File Permissions for Beginners

File permissions are one of the most important concepts in operating systems, especially if you work with Linux, servers, scripting, or application deployment. Whether you are managing a website, protecting sensitive files, or troubleshooting why a script will not run, understanding file permissions helps you control who can read, write, or execute resources on a system.

What are file permissions?

File permissions are access rules assigned to files and directories. They tell the operating system which users can interact with a resource and what kind of actions they are allowed to perform. In Unix-like systems, these actions are usually read, write, and execute.

If you are building or deploying backend systems, permission management becomes even more important. For example, when services exchange logs, configs, or secrets, permission mistakes can affect reliability and security. That is one reason scalable backend design often goes hand in hand with disciplined system administration, similar to the ideas discussed in this introduction to Node.js microservices.

How file permissions work in Linux and Unix

In Linux, every file and directory is associated with:

• An owner
• A group
• A permission set for others

When you run ls -l, you may see output like this:

-rwxr-xr-- 1 alice developers 2048 Jan 10 10:15 deploy.sh

That string contains a lot of meaning:

• - means it is a regular file
• rwx shows the owner’s permissions
• r-x shows the group’s permissions
• r-- shows others’ permissions

Understanding read, write, and execute

• Read (r): lets a user open and view a file
• Write (w): lets a user modify or delete a file, depending on directory rules
• Execute (x): lets a user run a file as a program or script

For directories, permissions behave a little differently:

• Read: view directory contents
• Write: create, rename, or delete entries in the directory
• Execute: enter the directory or access items inside it

File permissions by user class

Permissions are assigned to three classes:

1. Owner

The user who owns the file. This is often the creator, unless ownership has been changed.

2. Group

A collection of users who may need shared access to the file.

3. Others

Everyone else on the system who is neither the owner nor in the file’s group.

Numeric file permissions explained

One of the fastest ways to set file permissions is with numeric notation. Each permission has a number:

• Read = 4
• Write = 2
• Execute = 1

You add them together for each class:

• 7 = read + write + execute = 4 + 2 + 1
• 6 = read + write = 4 + 2
• 5 = read + execute = 4 + 1
• 4 = read only

For example:

chmod 755 deploy.sh

This means:

• Owner: 7 = rwx
• Group: 5 = r-x
• Others: 5 = r-x

Common permission modes

Using chmod to change file permissions

The chmod command changes file modes. You can use numeric or symbolic notation.

Numeric mode

chmod 644 notes.txt

Symbolic mode

chmod u+x script.sh
chmod g-w shared.txt
chmod o-r secret.txt

Here:

• u = user or owner
• g = group
• o = others
• + adds permission
• - removes permission
• = sets exact permission

Using chown to change ownership

Permissions and ownership work together. Even if a file has the right mode, the wrong owner can still cause access issues.

chown alice report.txt
chown alice:developers report.txt

The first command changes the owner. The second changes both owner and group.

Recursive ownership changes

chown -R webuser:webgroup /var/www/app

This is common in web app deployments, containers, and service directories.

File permissions for directories

Directories are special because their permissions control access to the names and contents inside them.

chmod 755 /var/www/html
chmod 700 /home/alice/private

A public web directory may need broader read and execute access, while a private home directory should remain locked down.

Special file permissions beginners should know

Setuid

Allows a program to run with the file owner’s privileges.

Setgid

Allows execution with the file group’s privileges, or forces new files in a directory to inherit the directory’s group.

Sticky bit

Used on shared directories so users can only delete their own files.

chmod 1777 /tmp

These advanced settings are powerful, but they should be used carefully because they can introduce security risks if misconfigured.

Why file permissions matter for security

Weak file permissions can expose secrets such as API keys, SSH keys, database credentials, and application configs. Overly broad write permissions may allow attackers or other users to alter scripts, inject malicious code, or delete data.

This is especially relevant in security testing and hardening workflows. If you want a broader view of how system weaknesses are discovered and evaluated, see this penetration testing basics guide.

Examples of risky permission setups

• 777 on sensitive files
• World-readable private keys
• Writable application scripts in production
• Shared directories without sticky bit protection

Common file permission problems and fixes

Permission denied error

This often means the current user lacks the necessary read, write, or execute access.

ls -l filename
whoami

Check ownership and mode, then adjust with chmod or chown if appropriate.

Script will not execute

chmod +x script.sh
./script.sh

If that still fails, check:

• The shebang line
• The parent directory permissions
• Whether the filesystem is mounted with execution disabled

Web server cannot access files

Make sure the web server user owns the files or belongs to the correct group, and verify directory traversal permissions.

Best practices for file permissions

• Use the principle of least privilege
• Avoid 777 unless absolutely necessary
• Store secrets with restrictive modes like 600
• Review ownership after deployments
• Audit shared directories regularly
• Use groups instead of giving access to everyone

Beginner-friendly file permissions cheat sheet

# View permissions
ls -l

# Change permissions
chmod 644 file.txt
chmod 755 script.sh
chmod u+x script.sh

# Change ownership
chown user file.txt
chown user:group file.txt

# Apply recursively
chmod -R 755 directory
chown -R user:group directory

FAQ: File permissions for beginners

What does chmod 777 mean?

It gives read, write, and execute permissions to the owner, group, and everyone else. It is generally unsafe for sensitive files because any user can modify them.

What is the difference between chmod and chown?

chmod changes permission bits, while chown changes file ownership. You often need both to solve access problems correctly.

Why can’t I open a file even if it has read permission?

You may be blocked by directory permissions, ownership rules, or a different access control layer such as ACLs or security policies.

Final thoughts on file permissions

Learning file permissions early pays off in every area of technical work, from local development to production security. Once you understand ownership, read-write-execute bits, and commands like chmod and chown, permission errors become far easier to diagnose and prevent.

For beginners, the smartest path is simple: start with the basics, avoid overly permissive modes, and always think in terms of least privilege.