• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL

Chapter 4. Unix Security & Utilities > File & Directory Permissions & Ownership

File & Directory Permissions & Ownership

If you've ever used file sharing on your Mac, you probably noticed that you can set permissions for folders and files, giving certain users, groups of users, or everyone read-only, read-write, or no access. (This is covered in Chapter 5.) Unix has almost the same system with users, groups, and public permissions.

Through the ls command, which I cover in Chapter 3) you can learn quite a bit more about the ownership and permissions of files on your system. For example, take a look at the ls-la listing for a home directory, in Figure 4. There's lots of useful information on each line.

Figure 4. A directory listing including permissions and other information for files.

The first line (starting with the word total) is the number of 512-byte blocks used by the files in the directories that follow. Below that, each line contains information about each subdirectory and file.


The group of characters at the beginning of the line (for example, drwxr-xr-x in the first entry) indicates the entry's type and permissions.

The first character indicates the type of entry:

  • d indicates a directory.

  • - indicates a file.

  • l indicates a link to another file.

The next nine characters of the permissions can be broken into three sets of three characters each. The first set of three is permissions for the owner of the file, the second set is permissions for the group owner, and the third set is permissions for everyone else who has access to the entry.

  • r indicates read permissions. This permission enables the user to open and read the file or directory contents.

  • w indicates write permissions. This permission enables the user to make changes to the file or directory contents, including delete it.

  • x indicates execute permissions. For an executable program file, this permission enables the user to run the program. For a directory, this permission enables the user to open the directory.

  • - indicates no permission.

For example, the file named listing.txt can be written to and read by the owner (ronh) and can only be read by the group (staff) and everyone else.


The next number is the number of links. This is a count of the files and directories contained within a directory entry. It's set to 1 for normal files.


Next is the owner of the file or directory. Normally this will be the name of your account. Sometimes, the system creates files for you, and you may see another owner. For example, the .. directory in Figure 4 was created by the system, which gave ownership to root, the superuser.


The group is listed next. Just as in file sharing in Mac OS 9.x and earlier, you can create groups of users that have separate permissions. You are, by default, assigned to the staff group, so many of your files are also owned by that group.

File size

The next number gives the size of the entry in bytes.

Modification date

Next is the date and time that the file or directory was last modified. A directory is modified whenever any of its contents are modified.


Last, you see the name of the file or directory.

  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint