Linux File Permissions

One of the most commonly faced issues while deploying websites with a web server like Nginx or Apache is dealing with permission errors. You deploy your website and suddenly your website starts throwing errors like “403 Forbidden” or “500 Internal Error”. Most often than not it has to do with the incorrect file or directory permissions.

The permissions on a file in Linux dictate who can perform what operations on it. The ‘who’ here can be - 1) owner of the file 2) group the file belongs to 3) other users; and what corresponds to the operations of read(r), write(w) and execute(x). The image below depicts a typical file permission character set for a file.

So a permission of rwxrwxrwx on a file would mean that it’s unrestricted - anybody can read, write and execute it. If it’s a directory then anyone can list files, create new files in the directory and delete files in the directory.

It’s easier to think of permissions in terms of bits. So rwx can be represented as 111, rw- as 110 and so on. The number 111 is 7 in binary, so the permission of rwxrwxrwx can be represented as 777. Similarly the permission of 600 on a particular file would translate to rw-------, which means that only the owner can read and write this particular file. If you want a file to be readable and writable only for the owner, then running chmod 600 filename would do the trick.

Similarly, for a webserver to be able to serve files, it should at least be able to read them( or in some cases execute them). The owner would need to be able to read, write and execute them. So in most cases, the permission of 755 on directories and 644 on files should work most of the times.