Introduction
You're attempting to resolve a permissions issue with your web server and have discovered that you need to recursively chmod 777 the web directory. Make sure you understand what chmod -R 777 does and why you should never set permissions to 777.
In this tutorial, you will learn about chmod 777 command, as well as the numbers that correspond to the permissions. We will also address a few FAQs on chmod 777.
Understanding Linux File Permissions
The operating system in Linux uses file permissions, characteristics, and ownership to control access to files. Understanding the Linux file system permissions model can help you safeguard your system by limiting access to files and directories to only authorized users and processes.
Each file is owned by a specific user and group, and authorization access rights are assigned to three different types of users:
- The owner of the file.
- Members of the group.
- Others (everybody else).
There are three sorts of file permissions that apply to each user class and let you select which users are permitted to read, write, or execute the file. Both files and folders have identical permission properties, however, they have different meanings:
1) Read Permissions
- The file can be read. When the read permission is enabled, the user can open the file in a text editor, for example.
- The contents of the directory can be viewed. The
lscommand allows the user to see a list of files within a directory.
2) Write Permissions
- The file can be altered or changed.
- The contents of the directory can be changed. The user has the ability to create new files, remove existing files, move files, and rename files, among other things.
4) Execute Permission
- It is possible to run the file.
- The
cdcommand can be used to navigate to a certain directory.
The ls command can be used to view file permissions. Here's an illustration:
ls -l filename.txt
Output
-rw-r--r-- 12 linuxize users 12.0K Apr 8 20:51 filename.txt
|[-][-][-]- [------] [---]
| | | | | | |
| | | | | | +-----------> 7. Group
| | | | | +-------------------> 6. Owner
| | | | +--------------------------> 5. Alternate Access Method
| | | +----------------------------> 4. Others Permissions
| | +-------------------------------> 3. Group Permissions
| +----------------------------------> 2. Owner Permissions
+------------------------------------> 1. File Type
The file type is indicated by the first character. It could be a normal file (-), a directory (d), a symbolic link (l), or any other sort of file.
The file permissions are represented by the next nine characters, which are divided into three triplets of three characters each. The first triplet displays owner permissions, the second displays group permissions, and the third triplet displays permissions for everyone else.
Permission Number
File permissions can be expressed numerically or symbolically. The numeric format will be the emphasis of this tutorial.
The permit number might be three or four digits long, and it can range from 0 to 7.
When a three-digit number is used, the first digit represents the file's owner's permissions, the second represents the file's group, and the third represents all other users.
The following numbers represent the write, read, and execute permissions:
- no permissions = 0
r(read) = 4w(write) = 2x(execute) = 1
The sum of the permissions values for a single user class is the permissions digit for that class.
Each of the permissions number's digits can be any combination of 4, 2, 1, or 0:
- 0 (0+0+0) – Permission denied.
- 1 (0+0+1) – Execution permission only.
- 2 (0+2+0) - Write access only.
- 3 (0+2+1) - Permissions to write and execute.
- 4 (4+0+0) - Permission to just read.
- 5 (4+0+1) – Permission to read and execute.
- 6 (4+2+0) – Permissions to read and write.
- 7 (4+2+1) – Permission to read, write, and execute.
If the permission number is set to 750, for example, it signifies that the file's owner has read, write, and execute access, the file's group has read and execute permissions, and other users have none:
- Owner: rwx=4+2+1=7
- Group: r-x=4+0+1=5
- Others: ---=0+0+0=0
The first digit of a four-digit number has the following meaning:
- setuid=4
- setgid=2
- sticky=1
- 0 if there are no changes
The meaning of the next three digits is the same as when using a three-digit number. If the initial digit is 0, the mode can be represented with only three digits. The numeric mode 0755 is the same as the numerical mode 755.
Use the stat command to see the file's permissions in numeric (octal) notation:
stat -c "%a" filename
Output
644
Never Use chmod 777
Setting 777 permissions on a file or directory make it readable, writable, and executable by all users, which can be dangerous.
If you set the permissions of all files and subdirectories in the /var/www directory to 777, any user on the system will be able to create, delete, and modify files in that directory.
Instead of recursively setting the permission to 777, change the file's ownership to the user running the application and set the file's rights to 644 and directory's permissions to 755.
The chown command can be used to alter file ownership and the chmod command can be used to change permissions.
Assume you have a PHP application running on your server as the user vega. You would perform the following commands to set the proper permissions:
chown -R linuxize: /var/www
find /var/www -type d -exec chmod 755 {} \;
find /var/www -type f -exec chmod 644 {} \;
A file's permissions can only be changed by root, the file owner, or a user with sudo access. When using chmod, be extremely cautious, especially if you're modifying permissions recursively.
FAQs on chmod 777
Is it safe to use "chmod 777" on all files and directories?
Using "chmod 777" gives full permissions to everyone, which can pose security risks by allowing unauthorized access or modification. It is generally recommended to avoid using such broad permissions unless absolutely necessary.
When might "chmod 777" be required?
"chmod 777" might be required in certain situations, such as when you need temporary broad access for development or debugging purposes. However, it's important to use caution and revert permissions to more secure settings afterwards.
How do I use "chmod 777"?
To use "chmod 777", simply open a terminal and run the command followed by the file or directory you want to modify. For example, chmod 777 myfile.txt grants full permissions to myfile.txt.
Can I use "chmod 777" recursively on directories?
Yes, you can use the -R flag to apply "chmod 777" recursively to directories and their contents. However, be cautious, as it can grant excessive permissions to files and directories that may not require them.
What are the alternatives to "chmod 777"?
Instead of using "chmod 777", it's better to analyze the specific access requirements and assign appropriate permissions. You can use numeric or symbolic notation to set permissions at a more granular level.
What is the difference between "chmod 777" and "chmod +rwx"?
There is no practical difference between "chmod 777" and "chmod +rwx". Both commands grant full permissions to the owner, group, and others.
How can I check the current permissions of a file or directory?
You can use the "ls -l" command to list files and directories along with their permissions. The permissions are displayed as a series of letters (r = read, w = write, x = execute) in the leftmost column.
Conclusion
It's critical to understand how Linux permissions function if you're in charge of a Linux system.
Permissions for files and directories should never be set to 777 (rwxrwxrwx). 777 signifies that anyone can access those files and do whatever they want with them.
If you have any queries, please leave a comment below and we’ll be happy to respond to them.