# How Unix File Ownership Works

UNIX is a multi-user environment, how does it maintain security inside of itself?

Every file has an owner and permissions.

There are three levels of ownership:

* User
* Group
* Other

Three levels of permissions:

* Read
* Write
* Execute

How is this useful? Well imagine a lab! There are files that an entire lab should have access to. So put all users in a lab into a lab group, then sharing a file between a lab just means making the lab group the owner of a file. This is already what we do on Luria!

## Read File Ownership and Permissions

You can view the ownership and permissions of a file by running `ls -l`. Here's an example of the output of `ls -l`:

<pre class="language-bash"><code class="lang-bash">[asoberan@luria unixclass]$ ls -l
total 40
-rwxr-xr-x 1 asoberan ki-bcc 3845 Apr 28 21:48 arrayAnnot.txt
<strong>-rwxr-xr-x 2 asoberan ki-bcc 3134 Apr 28 22:11 arrayDat.txt
</strong>-rwxr-xr-x 2 asoberan ki-bcc 3134 Apr 28 22:11 arrayHard.txt
-rwxr-xr-x 1 asoberan ki-bcc 1634 Apr 28 21:48 arraylen.txt
lrwxrwxrwx 1 asoberan ki-bcc   12 Apr 28 22:13 arraySoft.txt -> arrayDat.txt
-rwxr-xr-x 1 asoberan ki-bcc 3128 Apr 28 21:48 beep.txt
-rw-r--r-- 1 asoberan ki-bcc  528 Apr 28 21:48 ex1.sh
-rw-r--r-- 1 asoberan ki-bcc  479 Apr 28 21:48 ex2.sh
-rw-r--r-- 1 asoberan ki-bcc  368 Apr 28 21:48 ex3.sh
-rwxr-xr-- 1 asoberan ki-bcc  340 Apr 28 21:48 test_1.fastq
-rwxr-xr-- 1 asoberan ki-bcc  340 Apr 28 21:48 test_2.fastq
</code></pre>

Let's focus on the `arrayDat.txt` file.

<pre><code><strong>-rwxr-xr-x 2 asoberan ki-bcc 3134 Apr 28 22:11 arrayDat.txt
</strong></code></pre>

`asoberan ki-bcc` describes the ownership of a file. In this case, the user `asoberan` and the group `ki-bcc` own the file.

`-rwxr-xr-x` describes the permissions that the owners of the file have.

The permissions can be broken down into three parts:

* The user's permissions
  * `-rwx`
  * The user `asoberan` has read (`r`), write (`w`), and execute (`x`) permissions for this file.
* The group's permissions
  * &#x20;`r-x`
  * The group `ki-bcc` has read (`r`) and execute (`x`) permissions for this file.
* Everyone's else's permissions
  * `r-x`
  * Anyone who isn't `asoberan` or in the group `ki-bcc` has read (`r`) and execute (`x`) permissions for this file.

To check what group you are in, you can use the `groups` command:

```bash
[asoberan@luria unixclass]$ groups
ki-bcc
```