How Unix File Ownership Works

UNIX is a multi-user environment, how does it maintain security inside of itself?

Every file has an owner and permissions.

There are three levels of ownership:

  • User

  • Group

  • Other

Three levels of permissions:

  • Read

  • Write

  • Execute

How is this useful? Well imagine a lab! There are files that an entire lab should have access to. So put all users in a lab into a lab group, then sharing a file between a lab just means making the lab group the owner of a file. This is already what we do on Luria!

Read File Ownership and Permissions

You can view the ownership and permissions of a file by running ls -l. Here's an example of the output of ls -l:

[asoberan@luria unixclass]$ ls -l
total 40
-rwxr-xr-x 1 asoberan ki-bcc 3845 Apr 28 21:48 arrayAnnot.txt
-rwxr-xr-x 2 asoberan ki-bcc 3134 Apr 28 22:11 arrayDat.txt
-rwxr-xr-x 2 asoberan ki-bcc 3134 Apr 28 22:11 arrayHard.txt
-rwxr-xr-x 1 asoberan ki-bcc 1634 Apr 28 21:48 arraylen.txt
lrwxrwxrwx 1 asoberan ki-bcc   12 Apr 28 22:13 arraySoft.txt -> arrayDat.txt
-rwxr-xr-x 1 asoberan ki-bcc 3128 Apr 28 21:48 beep.txt
-rw-r--r-- 1 asoberan ki-bcc  528 Apr 28 21:48 ex1.sh
-rw-r--r-- 1 asoberan ki-bcc  479 Apr 28 21:48 ex2.sh
-rw-r--r-- 1 asoberan ki-bcc  368 Apr 28 21:48 ex3.sh
-rwxr-xr-- 1 asoberan ki-bcc  340 Apr 28 21:48 test_1.fastq
-rwxr-xr-- 1 asoberan ki-bcc  340 Apr 28 21:48 test_2.fastq

Let's focus on the arrayDat.txt file.

-rwxr-xr-x 2 asoberan ki-bcc 3134 Apr 28 22:11 arrayDat.txt

asoberan ki-bcc describes the ownership of a file. In this case, the user asoberan and the group ki-bcc own the file.

-rwxr-xr-x describes the permissions that the owners of the file have.

The permissions can be broken down into three parts:

  • The user's permissions

    • -rwx

    • The user asoberan has read (r), write (w), and execute (x) permissions for this file.

  • The group's permissions

    • r-x

    • The group ki-bcc has read (r) and execute (x) permissions for this file.

  • Everyone's else's permissions

    • r-x

    • Anyone who isn't asoberan or in the group ki-bcc has read (r) and execute (x) permissions for this file.

To check what group you are in, you can use the groups command:

[asoberan@luria unixclass]$ groups
ki-bcc
PreviousFile OwnershipNextChange File Ownership and Permissions

Last updated