File and Run Permissions
All files and programs are subject to restrictions called permissions, controlling who can view, edit and run them. You may have tried to change to a directory or run a script and got a message saying "Permission denied", or had a file open as "Read-only". All of these are due to incorrect or insufficient file permissions.
Permission Levels and Categories
Permissions are divided into 3 categories, namely User, Group and Others. As the person who created a file, you are considered its owner. You are also part of several groups of users, and may see which using the `groups` command. Finally, there are general permissions for everybody, called 'Others'.
There are also levels of file permission, namely read (the lowest level), write, and execute. Note that for directories, 'execute' means you may enter (cd to) the directory, while 'read' means you can list the files within it.
The long-form of ls , -l, shows permissions file by file. The first character on each line is either 'd', 'l' or '-'. 'd' stands for directory, '-' means this is a regular file, and 'l' denotes a 'link', a tag which points to a file somewhere else. After this comes 3 triples, each reading r, w, x for the read, write, and execute described above.
Permissions are sometimes described using numbers rather than rwx. These are strictly octal numbers, but may be considered as triples for user, group and all. Each position can be 0 (no permission), 1 (execute only), 2 (write only), 4 (read only) and sums of these. Thus 777 gives all permissions to all users, while 644 allows anybody to read the file, but only you to write it, and nobody to execute.
Changing permissions uses the chmod (change mode) utility. This can be used in two ways, either the letter form, or the numeric form. For instance
chmod u+x <filename>
gives execute permission to the current user (you), while
chmod u-x <filename>
takes it away and
chmod 666 <filename>
gives read/write permissions to everybody.
For example, if you create a bash script, before you can run it, you have to use the first command above to give yourself execute permissions.