Terminal 101: File Permissions

Every Monday, we'll show you how to do something new and simple with Apple's built-in command line application.

Every Monday, we'll show you how to do something new and simple with Apple's built-in command line application. You don't need any fancy software, or knowledge of coding to do any of these. All you need is a keyboard to type 'em out!

File permissions are important to utilize on a computer with more than one login because they keep certain user from accessing files or folders with sensitive information. Occasionally, you may need to give someone access to these particular files, and that’s when knowing how to use this tool could come in handy. Using an administrator account and the chmod command, you can “change the mode” of files and folders, which will allow other uers to read, write, or execute certain files.

Read on to learn all about file permissions and how you can change them through the command line.

What are File Permissions?

You can set permissions on any file or folder on your computer, and there are three diferent modes: read, write, and execute.

On Unix-based systems (which, if you're not familiar, is what OS X is based on), file permissions can be applied to three groups of people: User, Group, and Word (i.e., you can give read, write, or executable permissions to any of the logins in a user group). In the next section, we’ll see how permissions are represented in the OS, as well as how they are calculated.

Checking Current File Permissions

If you want to view the current file permissions on a file or folder, change the directory to the folder containing the file or folder, and then run the ls -l command.

You'll see a long directory listing, along with more information about the files and folders contained within.

In the first column, you will see the file permissions. A “d” in front denotes that the name on that line is a directory (folder) and a dash (-) in front denotes that it’s a file. There are 9 other characters after that. Break up those 9 characters into 3 groups, and you'll get the permissions for each user group (user, group, and world).

The table above shows an example of file permissions after splitting them into 3 groups. A “r” denotes read permissions, a “w” denotes write permissions, and a “x” denotes execute permissions. If there is a dash where a character should be, then that denotes that a particular file permission doesn’t exist.

So, in our example table above, the user has read, write, and executable permissions; the group has read and executable permissions; and, the world has read and executabele permissions. The only user group that can write to the file is the user that the file belongs to (the person that initially created the file).

How to Calculate the Permissions

File permissions are written a few different ways, but most people prefer the shorthand method of writing them (whereas the operating system shows the long-hand, or string permissions way, as shown above). Let’s take a look at how to calculate the shorthand needed to specify permissions for a particular file or folder.

In the above table, you can see that Read (or “r”) is equal to the number 4; Write (or “w”) is equal to the number 2; and, Execute (or “x”) is equal to the number 1.

For each group, you will calculate the file permission by adding together the file permission numbers. For instance, if we wanted the user to have read, write, and execute privileges, then they’d have a 7 (or 4 + 2 + 1); if we wanted the group to have read and execute privileges, then they’d have a 5 (or 4 + 1). A zero for a group denotes that there is no permission.

Applying the Permissions to a File or Folder

Once you have calculated the permission for each group using the method above, it’s time to apply them to a particular file. First, navigate to the folder containing the files or folders where you will be applying the permissions (by using the change directory command). Next, issue the following command:

sudo chmod XXX filename

Replace the XXX in the above command with the 3 group permissions that you calculated, and then replace filename with the file name or folder name that you wish to set permissions on. As an example, if we wanted to set 777 (read, write, execute) permissions on a file named picture1.png, then we’d type the following command:

sudo chmod 777 picture1.png

Please note, you should be extremely careful when setting file permissions, ensuring that you are not giving permissions to unworthy groups (i.e., the group and world groups), and that you are not applying permissions changes to system files unless you understand exactly what you are doing.

Cory Bohon is a freelance technology writer, indie Mac and iOS developer, and amateur photographer. Follow this article's author, Cory Bohon on Twitter.