0
0
Linux CLIscripting~15 mins

Numeric permission mode (755, 644) in Linux CLI - Deep Dive

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Overview - Numeric permission mode (755, 644)
What is it?
Numeric permission mode is a way to set file and folder access rights in Linux using numbers. Each number represents a set of permissions for the owner, group, and others. For example, 755 and 644 are common numeric codes that control who can read, write, or execute a file. This system helps manage security and sharing on a computer.
Why it matters
Without numeric permission modes, controlling who can access or change files would be confusing and error-prone. It would be like leaving your house unlocked or giving everyone the same keys. Numeric modes provide a simple, consistent way to protect files and ensure only the right people can use them. This keeps systems safe and organized.
Where it fits
Before learning numeric permission modes, you should understand basic Linux file concepts and the idea of users and groups. After this, you can learn symbolic permissions and advanced access control lists (ACLs) for more detailed control.
Mental Model
Core Idea
Numeric permission mode encodes read, write, and execute rights for owner, group, and others into three digits, each from 0 to 7.
Think of it like...
It's like a three-digit lock code where each digit controls access for a different group of people: the owner, their friends, and everyone else.
Permissions breakdown:
┌───────────────┬───────────────┬───────────────┐
│ Owner (7)     │ Group (5)     │ Others (5)    │
│ rwx (4+2+1=7) │ r-x (4+0+1=5) │ r-x (4+0+1=5) │
└───────────────┴───────────────┴───────────────┘

Digit meanings:
4 = read (r)
2 = write (w)
1 = execute (x)
0 = no permission (-)
Build-Up - 7 Steps
1
FoundationUnderstanding Linux File Permissions
🤔
Concept: Files and folders have permissions that control who can read, write, or execute them.
In Linux, every file and folder has three sets of permissions: one for the owner, one for the group, and one for others (everyone else). Each set controls three actions: read (view contents), write (change contents), and execute (run the file or enter the folder).
Result
You know that permissions are split into three groups and three actions each.
Understanding the three groups and three actions is the foundation for managing file security.
2
FoundationSymbolic vs Numeric Permission Representation
🤔
Concept: Permissions can be shown as letters (rwx) or numbers (0-7) to represent the same rights.
Symbolic permissions look like rwxr-xr-x, showing letters for read, write, and execute. Numeric permissions use three digits, each from 0 to 7, where each digit sums the values for read (4), write (2), and execute (1). For example, rwx = 7, r-x = 5, and so on.
Result
You can read and convert between symbolic and numeric permissions.
Knowing both forms lets you understand commands and scripts that use either style.
3
IntermediateCalculating Numeric Permission Digits
🤔Before reading on: do you think write permission adds 2 or 3 to the numeric digit? Commit to your answer.
Concept: Each permission (read, write, execute) has a numeric value that adds up to form a digit.
Read permission is 4, write is 2, and execute is 1. To get a digit, add the values of the permissions you want. For example, read + write + execute = 4 + 2 + 1 = 7, which means full permissions.
Result
You can calculate digits like 7, 6, 5, 4, 0 based on permission combinations.
Understanding the numeric values behind permissions helps you set exactly the access you want.
4
IntermediateCommon Numeric Modes: 755 and 644
🤔Before reading on: does 755 allow others to write to the file? Commit to your answer.
Concept: 755 and 644 are standard permission sets for executable and non-executable files.
755 means owner can read, write, execute (7), group and others can read and execute (5). It's common for programs or scripts. 644 means owner can read and write (6), group and others can only read (4). It's common for documents or config files.
Result
You recognize what 755 and 644 mean and when to use them.
Knowing these common modes saves time and prevents security mistakes.
5
IntermediateUsing chmod with Numeric Modes
🤔
Concept: chmod command changes file permissions using numeric codes.
To set permissions, use chmod followed by the numeric mode and the file name. For example, chmod 755 script.sh sets the script to be executable by everyone but only writable by the owner. chmod 644 file.txt makes the file readable by all but writable only by the owner.
Result
You can change file permissions quickly using numeric codes.
Mastering chmod with numeric modes is essential for managing file access efficiently.
6
AdvancedUnderstanding Permission Bits and Special Modes
🤔Before reading on: do you think numeric modes can represent special permissions like setuid? Commit to your answer.
Concept: Numeric modes can include special bits like setuid, setgid, and sticky bit using a fourth digit.
Besides the three digits for owner, group, and others, a leading digit can set special permissions: 4 for setuid, 2 for setgid, and 1 for sticky bit. For example, 4755 sets setuid with normal 755 permissions. These control advanced behaviors like running files with owner privileges or restricting file deletion.
Result
You understand how to represent and use special permission bits numerically.
Knowing special bits prevents security risks and enables advanced system setups.
7
ExpertNumeric Modes in Complex Permission Systems
🤔Before reading on: do you think numeric modes alone can fully replace ACLs? Commit to your answer.
Concept: Numeric modes are simple but limited; complex access control requires ACLs beyond numeric codes.
While numeric modes cover basic permissions, Access Control Lists (ACLs) allow detailed rules for multiple users and groups. Numeric modes can't express these fine-grained controls. Experts use numeric modes for quick settings and ACLs for complex environments. Understanding numeric modes helps interpret ACL defaults and fallback permissions.
Result
You see numeric modes as a foundation, not the full solution for permissions.
Recognizing numeric modes' limits guides when to use more advanced permission tools.
Under the Hood
Linux stores permissions as bits in the inode metadata of a file. Each permission (read, write, execute) corresponds to a bit set to 1 or 0 for owner, group, and others. Numeric modes are just a human-friendly way to represent these bits as octal numbers. When you run chmod with a numeric mode, the system converts the digits to bits and updates the inode accordingly.
Why designed this way?
The numeric system was designed for simplicity and compactness, using octal numbers to represent three bits per digit. This made it easy to read, write, and script permissions without verbose text. Alternatives like symbolic modes exist but numeric modes remain popular for scripting and quick changes due to their brevity and clarity.
Permission bits layout:
┌───────────────┬───────────────┬───────────────┐
│ Owner         │ Group         │ Others        │
├───────────────┼───────────────┼───────────────┤
│ r w x (bits)  │ r w x (bits)  │ r w x (bits)  │
│ 4 2 1         │ 4 2 1         │ 4 2 1         │
└───────────────┴───────────────┴───────────────┘

chmod 755 sets bits:
Owner: 7 = 111 (rwx)
Group: 5 = 101 (r-x)
Others: 5 = 101 (r-x)
Myth Busters - 4 Common Misconceptions
Quick: Does 755 allow everyone to write to the file? Commit to yes or no.
Common Belief:755 means everyone can read, write, and execute the file.
Tap to reveal reality
Reality:755 means only the owner can write; group and others can only read and execute.
Why it matters:Assuming 755 allows everyone to write can cause accidental file changes or security breaches.
Quick: Is 644 suitable for executable scripts? Commit to yes or no.
Common Belief:644 is fine for scripts because it allows reading and writing by the owner.
Tap to reveal reality
Reality:644 does not allow execute permission, so scripts with 644 cannot run directly.
Why it matters:Using 644 on scripts prevents them from running, causing confusion and errors.
Quick: Can numeric modes express all possible permission settings including ACLs? Commit to yes or no.
Common Belief:Numeric modes can fully control all file permissions and access rules.
Tap to reveal reality
Reality:Numeric modes only cover basic owner, group, and others permissions; ACLs provide more detailed control.
Why it matters:Relying only on numeric modes limits security and flexibility in complex environments.
Quick: Does the leading digit in numeric mode always represent owner permissions? Commit to yes or no.
Common Belief:The first digit in a numeric mode always sets owner permissions.
Tap to reveal reality
Reality:The first digit is for special bits like setuid, setgid, and sticky bit, not owner permissions.
Why it matters:Misunderstanding this can lead to incorrect permission settings and security issues.
Expert Zone
1
Numeric modes do not show the difference between symbolic links and regular files, which affects how permissions apply.
2
The execute bit on directories means permission to enter and list contents, which differs from files where it means running the file.
3
When multiple numeric modes are combined with umask, the final permissions can be surprising if umask is not considered.
When NOT to use
Numeric modes are not suitable when you need fine-grained permissions for multiple users or groups; in such cases, use Access Control Lists (ACLs) or SELinux policies instead.
Production Patterns
In production, numeric modes are used for quick permission fixes and scripting automation, while ACLs handle complex user access. Common patterns include setting 755 for executable scripts and 644 for configuration files, combined with umask settings for default permissions.
Connections
Binary Number System
Numeric permission modes use octal numbers which are closely related to binary bits representing permissions.
Understanding binary helps grasp how each permission bit is set and combined into numeric digits.
Role-Based Access Control (RBAC)
Numeric modes implement a simple form of RBAC by assigning permissions to owner, group, and others.
Knowing numeric modes clarifies the basics of access control before moving to complex RBAC systems.
Physical Door Locks
Both numeric permission modes and door locks control access by granting or restricting entry to different groups.
Seeing permissions as locks helps understand why some users can enter (execute) or only look (read) but not change (write).
Common Pitfalls
#1Setting 755 on a file that should not be executable.
Wrong approach:chmod 755 document.txt
Correct approach:chmod 644 document.txt
Root cause:Confusing execute permission with read permission, leading to unnecessary execute rights.
#2Using numeric mode without considering umask, resulting in unexpected permissions.
Wrong approach:chmod 777 file.sh (expecting full access for all)
Correct approach:chmod 755 file.sh (considering umask to restrict write access for group and others)
Root cause:Ignoring system default permission masks that modify final permissions.
#3Assuming numeric modes can set special permissions without the leading digit.
Wrong approach:chmod 755 script.sh (expecting setuid to be set)
Correct approach:chmod 4755 script.sh (correctly sets setuid with normal permissions)
Root cause:Not knowing the role of the leading digit for special permission bits.
Key Takeaways
Numeric permission modes use three digits to represent read, write, and execute rights for owner, group, and others.
Each digit is a sum of values: 4 for read, 2 for write, and 1 for execute, making it easy to calculate permissions.
Common modes like 755 and 644 serve typical use cases for executable and non-executable files respectively.
chmod command applies numeric modes to files, but special bits require a leading digit in the mode.
Numeric modes are simple and powerful but have limits; advanced access control needs ACLs or other systems.