Publishers of technology books, eBooks, and videos for creative people

Home > Articles > Apple > Operating Systems

  • Print
  • + Share This
Like this article? We recommend

Like this article? We recommend

Specifics of Permissions

Here's how to interpret the ls command's output in Terminal. There are nine fields in each line. Going from left to right, they are as follows:

Field 1: A set of 10 permission flags.

Field 2: Link count (don't worry about this)

Field 3: Owner of the file

Field 4: Associated group for the file

Field 5: Size in bytes

Field 6–8: Date of last modification

Field 9: Name of file

The permission flags are also read from left to right within the 10-digit field.

position

1: directory flag ('d' if a directory; '-' if a normal file; 'l' if an alias)

2, 3, 4: read, write, execute permission for Owner of file

5, 6, 7: read, write, execute permission for Group

8, 9, 10: read, write, execute permission for any other user

The values occurring in each of the 10 positions are listed below:

-: In any position, means that flag is not set.

r: File is readable by owner, group, or other.

w: File is writeable. On a directory, write access means you can add or delete files.

x: File is executable (only for programs and shell scripts). Execute permission on a directory means you can list the files in that directory.

s: In the place where 'x' would normally go is called the set-UID or set-groupID flag.

For an executable program with set-UID or set-groupID, that program will run using the effective permissions of its owner or group. For a directory, the set-groupID flag means that all files created inside that directory will inherit the group of the directory. Without this flag, a file takes on the primary group of the user creating the file. This property is important to people trying to maintain a directory as group-accessible. The subdirectories also inherit the set-groupID property.

Let's review the permissions hierarchy. Each level is independent. The user who is trying to access the file determines what level will be used to set permissions.

  • If the user is the owner of the file, the owner permissions will be used.
  • If the user is not the owner of the file but is in the same group as the file, the group permissions will be used.
  • If the user is not the owner of the file and is not in the same group as the file, the other permissions will be used.
  • + Share This
  • 🔖 Save To Your Account