Recently while working in a web application i faced some unpredictable problems. After googling i realized that the problem is the permission label of files & directories. Now a days we are very much used to work with cpanel to manage our hosting files & credentials As we working in graphical mode (not in command mode), we used to ignore about file attributes. File attributes are the collection of file information (for example: what the owner can do with the file, what people in the group can do, and what others can do, various time stamps etc). While managing hosting files, file attributes is very important. Because if any file is given write permission to world, your application / site may destroy or remove any time. On the other hand lowest label of file permission may prevent your targeted visitor to read.
By default any files on UNIX system have access permissions & the operating system knows how to deal with requests to access the files.
As we know there are three types of access. These are:
- Read – Denoted as r, files with read access can be displayed to the user.
- Write – Denoted as w, files with write access can be modified by the user.
- Execute – Denoted as x, files with execute access can be executed as programs by the user.
Above access types are set on the three types of user group:
- User – The creator / owner of the file.
- Group – Other apps / files which are in the same folder / group.
- World – and for everyone.
The web server needs to be able to read your web pages in order to be able to display them in a browser. The following permissions need to be set in order for your web site to function properly.
- The number 644 permission defines readable by User, Group and World, and writable by User. This permission is set automatically when we upload files. All HTML files and images need to be readable by others.
- The number 755 permission defines readable by User, Group and World, writable by User, executable by User, Group and World. This permission is set automatically when we create a folder. Basically all folders need to be executable by others.
- All files in the cgi-bin folder need to be executable by other. 755 permission is set for readable by User, Group, and World, writable by User, executable by User, Group, and World. This permission is not set automatically when you upload files. You need to change file permissions manually.
Mode Str Perms Explanation
0477 -r–rwxrwx owner has read only(4), other and group has rwx(7)
0677 -rw-rwxrwx owner has rw only(6), other and group has rwx(7)
0444 -r–r–r– all have read only(4)
0666 -rw-rw-rw- all have rw only(6)
0400 -r——– owner has read only(4), group and others have no permission(0)
0600 -rw——- owner has rw only, group and others have no permission
0470 -r–rwx— owner has read only, group has rwx, others have no permission
0407 -r—–rwx owner has read only, other has rwx, group has no permission
0670 -rw-rwx— owner has rw only, group has rwx, others have no permission
0607 -rw—-rwx owner has rw only, group has no permission and others have rwx
Full list of permission modes can be found 0000 to 0777.
Typically, Permissions are differed from host to host, so this guide only a basic principles. It cannot cover all cases. This guide applies to servers running a standard setup.