To see the access permissions on any of your files or directories use the command ls -al filename. You will see something like the following:
-rwxrw-r-- 1 tester staff 3798 Mar 19 1998 file.dat
The first position (here a "-") indicates the file type, the possible file types are:
| - | regular file |
| d | directory |
| l | link |
The following 9 bits specify the permission mode for the file and they are:
For regular files:
| r | the file can be opened and read |
| w | the file can be modified or truncated (rename and delete access is determined by permissions on the parent directory) |
| x | the file can be executed |
For directories:
| x | the directory can be entered but no files can be listed |
| r and x | the contents of the directory can be listed |
| r, x and w | files can be created, deleted and renamed within the directory |
So back to our example,
-rwxrw-r-- 1 tester staff 3798 Mar 19 1998 file.dat
Of the 9 permission bits, the first three permission bits (here "rwx") indicate access for the owner (here "tester"). The second three permission bits (here "rw-") indicate access for the group (here "staff"), i.e., anyone in the same group. The final three permission bits (here "--x") indicate access for "world", i.e., anyone with an account on the system.
To determine the permissions on your home directory type:
ls -ld ~
The command used to change the permissions on a file is chmod. It's syntax is: chmod mode filename.
The octal coding for the permission bits (or mode) is:
| Perms | Octal | Perms | Octal |
| --- | 0 | r-- | 4 |
| --x | 1 | r-x | 5 |
| -w- | 2 | rw- | 6 |
| -wx | 3 | rwx | 7 |
Again the first mode is for owner, the second for group, and the third for world. So if we wanted to change file.dat to be accessible only by the owner we would use the command:
chmod 700 file.dat This would result in-rwx------ 1 tester staff 3798 Mar 19 1998 file.dat
If you wanted the file to be readable by anyone in your group or anyone on the system. Or if this is a web document. You would use the command:
chmod 644 file.dat This would result in-rw-r--r-- 1 tester staff 3798 Mar 19 1998 file.dat
If you want to change the permission of files in a directory tree you can do this recursively via the following command: chmod -R mode directory-name
To change your default file access permissions (i.e., the permission on files that you create), you need to set your file creation mask appropriately. This is accomplished by adding the umask command to your ~/.cshrc file. The syntax is: umask mask
Where the octal coding used by the umask command:
| Perms | Octal | Perms | Octal |
| rwx | 0 | -wx | 4 |
| rw- | 1 | -w- | 5 |
| r-x | 2 | --x | 6 |
| r-- | 3 | --- | 7 |
Again the first mask is for owner, the second for group, and the third for world.
So if you want your default file access permission to be that only the file owner (you) can read or write the file, you would should put the following command:
umask 077
in your ~/.cshrc file. Note, this will only affect the permission of new files that you create, it won't change the permissions on existing files. Use the chmod command described above to change existing files.