Unix file permissions are expressed in three octal digits. Running “ls -al” from a Unix (or Linux) terminal on a file with permissions 644 might look like this:
-rw-r--r-- 1 bhall staff 2216 6 Dec 2007 x11_update.sh
The first, or left-most, octal digit (“6” in this example) indicates a file’s owner’s (your) permissions, the second a user group’s permissions, and the third public permissions (applying to everyone else).
Here is a table of values showing the effect that each of these octal digits has on a specific owner or user group’s permissions.
Octal | Binary* | Effect |
---|---|---|
0 | ––– | No permissions (access blocked) |
1 | –-x | Executable** |
2 | -w- | Writable |
3 | -wx | Writable, executable |
4 | r-– | Readable (read-only) |
5 | r-x | Readable, executable |
6 | rw- | Readable, writable |
7 | rwx | Readable, writable, executable |
*Each octal digit can be represented in three bits corresponding, as read from left to right, to read (r), write (w) and executable (x) permissions. Thus, a 6 octal digit, normally written 110 in binary, shows up in a directory listing as “rw-“, meaning read and write permissions are granted, but not execute.
**Directories must have the executable bit set to be accessible.
So, a file with permissions 755 would be readable, writable, and executable for you (as the file’s owner), and readable and executable, but not writable for the group and for the world (public). To apply this set of permissions to a file called myscript, you would type the following into a terminal window:
chmod 755 myscript
and then press Enter.
Generally, folders need to have permissions 755 for everyone to be able to read the contents, and files need to have permissions 644 to be viewable but not editable by anyone other than you.
If these are web files, Apache (the web server) runs as another user, so files edited by Apache have to be writable by the Apache process, so the file(s) have to be at least group writable if Apache’s user is in your group.
Of course, you should give least permissions, so if Apache needs to edit a particular file, it should be as weak as 666, but the directory that the file lives in can be 755, and other files can be 644.
For further reading, see https://www.tutorialspoint.com/unix/unix-file-permission.htm.