Linux permissions cheatsheet Subscribe to hakunin.com

written by Maxim Chernyak on 15 Jun, 14

chmod [a]bcd

bit scope description
a   sticky:1, setgid:2, setuid:4 (optional, default: 0)
b owner x:1/w:2/r:4 - xw:3/xr:5/wr:6/xwr:7
c group x:1/w:2/r:4 - xw:3/xr:5/wr:6/xwr:7
d everyone x:1/w:2/r:4 - xw:3/xr:5/wr:6/xwr:7

files

bit setting meaning
sticky on files no effect
setgid on execable binaries no matter who executes, process runs as file’s group
setuid on execable binaries no matter who executes, process runs as file’s owner
setuid/setgid on scripts ignored due to security issues
setuid/setgid on non-execables no effect1

Warning: setuid is dangerous

directories

bit setting meaning
x on dirs cd, stat (e.g. ls -l), inode lookup (access files)
w on dirs add/delete/rename files (requires x for inode lookup)
r on dirs ls

sticky on dirs

setgid on dirs

setuid on dirs

sources

  1. There is an exception. See “SUID and SGID on non-executable files” on this page

comments powered by Disqus