Permission types (r, w, x)

Table of Contents

Understanding Permission Types: `r`, `w`, `x`

In this chapter, we focus specifically on what the three basic permission bits mean and how they behave differently for files and directories.

You’ve already seen that every file and directory has permissions and an owner/group; here we drill into the meaning of each of the three letters: r, w, and x.

The Three Basic Permissions

For both files and directories, Linux defines three basic permission types:

r – read
w – write
x – execute

Each of these can be set or unset for:

the user (owner),
the group, and
others (everyone else).

You’ll usually see them in groups of three, like rwx, rw-, r--, etc.

Example from ls -l:

-rwxr-x---

Breakdown:

- : regular file (file type, not a permission)
rwx: permissions for user (owner)
r-x: permissions for group
---: permissions for others

This chapter is about interpreting each r, w, x in these positions.

Permissions on Regular Files

`r` (read) on files

r on a file means:

You are allowed to read the file’s contents.
Practically: you can open the file in a viewer or text editor (in read-only mode), or use commands like cat, less, head, tail on it.

Without r on a file:

You cannot see its contents, even if you know the file exists.
You might still be able to see the filename in a directory listing, depending on the directory’s permissions (explained later).

`w` (write) on files

w on a file means:

You can modify the file’s contents.
Practically: you can save changes in an editor, append to the file, or truncate it.

Without w on a file:

You cannot modify its contents.
You may still be able to delete or rename the file if the directory it’s in is writable by you (because deletion is an operation on the directory, not the file itself).

Common misconception:

w on a file does not control deletion of the file; deletion is controlled by the directory’s w and x permissions.

`x` (execute) on files

x on a file means:

You are allowed to run the file as a program or script.
The kernel will attempt to execute it when you run something like ./script.sh or ./program.

Without x on a file:

You cannot run it directly as a command, even if it contains valid program code or a script.
You might still run it indirectly via an interpreter, e.g.:

  python script.py
  bash script.sh

In those cases, you only need r (the interpreter reads the file); the script itself doesn’t need x.

Typical combinations you’ll see on files:

rw- : readable and writable, not executable (e.g., documents, configs).
r-- : read-only file (e.g., system documentation).
r-x : readable and executable (e.g., public commands).
rwx : full access for that class (user/group/others).

Permissions on Directories

Permissions on directories behave differently. They control not the directory file’s contents, but what you can do with the entries inside the directory: listing, entering, creating, deleting, and renaming files.

Think: a directory is a list of filenames → inodes (entries). Directory permissions control access to that list and the ability to change it.

`r` (read) on directories

r on a directory means:

You can read the list of filenames stored in that directory.
Practically: you can run ls to see the filenames in that directory.

Without r on a directory:

You cannot get a directory listing (e.g., ls will fail).
However, if you already know a filename and have appropriate permissions, you might still access the file by its path (depending on x).

`x` (execute) on directories

On directories, x is often called search or traverse permission.

x on a directory means:

You can traverse the directory: enter it and access files or subdirectories within it (if you know their names).
Practically:

You can cd into the directory.
You can access files by path, like /some/dir/file.txt, provided you have x on each directory in the path.

Without x on a directory:

You cannot cd into it.
You cannot access any file or subdirectory inside it, even if you know the name and the file itself has r permission.
You may still be able to see the directory name itself from its parent directory listing (if the parent is readable).

The combination of r and x is very important for directories:

r only: you can theoretically see the list of names, but you cannot enter the directory or access the files.
x only: you can access files if you know their names, but you cannot list the directory to discover those names.

`w` (write) on directories

w on a directory means:

You can modify the directory entries—create, delete, or rename files/subdirectories inside that directory.
Practically, with w and x on a directory, you can:

touch newfile
rm somefile
mv oldname newname
mkdir subdir
rmdir subdir (if empty, and you have appropriate perms on the subdir)

Without w on a directory:

You cannot create, delete, or rename entries in that directory.
You may still read or modify existing files inside it, if the files themselves allow it and you have x on the directory.

Important interaction:

To create or delete an entry in a directory, you generally need both:

w on the directory (to change the list of entries)
x on the directory (to access it at all)

Typical directory permission combinations

Some common examples:

r-x on a directory:

You can list the directory (ls).
You can cd into it.
You cannot create or delete files there.
Good for: read-only public data directories.

rwx on a directory:

Full control: list, enter, create, delete, rename entries.
Good for: your home directory, work directories you manage.

--x on a directory:

You cannot list it, but you can access files if you know their names.
Sometimes used for slightly obscuring contents (security-by-obscurity, not strong security).

File vs Directory Permissions: Summary Table

Permission	On a file	On a directory
`r`	Read file contents	List directory entries (e.g., `ls`)
`w`	Modify file contents	Create/delete/rename entries inside directory
`x`	Execute file as a program/script	Traverse/search: `cd` into, access entries by name

Key idea: file permissions affect the contents of that file; directory permissions affect the list of filenames and your ability to traverse the path.

How Permissions Appear in `ls -l`

When you run ls -l, you’ll see a 10-character string at the start of each line:

drwxr-xr-x  2 alice users  4096 Dec 12 10:00 docs
-rw-r-----  1 alice users  1024 Dec 12 10:05 notes.txt

Breakdown:

First character: type

d = directory
- = regular file
(others exist but belong to a different chapter)

Next 3: rwx for user (owner)
Next 3: r-x for group
Last 3: r-x or --- etc. for others

You now know how to interpret each r, w, x in these positions differently depending on whether the item is a file or a directory.

Practical Mental Model

For files:

r = can I open and read it?
w = can I change its contents?
x = can I run it as a program?

For directories:

r = can I see what’s in this folder?
w = can I add/remove/rename items in this folder?
x = can I enter this folder and access items by name?

Understanding this distinction is crucial before you start changing permissions and ownership, which are handled in separate chapters.

Comments

Please login to add a comment.

Don't have an account? Register now!