Access Permissions   «Prev  Next»
Lesson 5Numeric access codes
ObjectiveConvert Alphabetic Permission Bits to Numeric Format.

Convert Alphabetic Permission Bits to Numeric Format

In Unix-based systems, file permissions are a crucial aspect that dictates who can read, write, or execute a given file or directory. These permissions can be represented either in an alphabetic (symbolic) format or a numeric (octal) format. The alphabetic representation uses letters (`r`, `w`, `x`, `-`) while the numeric representation uses numbers (0-7). Converting from alphabetic to numeric format involves understanding the symbolic representation and how it maps to the octal values.
Alphabetic (Symbolic) Representation:
  • `r` stands for read permission.
  • `w` stands for write permission.
  • `x` stands for execute permission.
  • `-` indicates no permission.

These permissions are grouped into three sets:
  1. Owner permissions
  2. Group permissions
  3. Others permissions

Each set can contain any combination of `r`, `w`, and `x`, representing the permissions for the owner, the group, and others, respectively.
Numeric (Octal) Representation: The numeric format is a three-digit octal number, with each digit representing the permissions for the owner, group, and others, in that order. Each digit is the sum of its constituent permissions:
  • Read (r) has a value of 4.
  • Write (w) has a value of 2.
  • Execute (x) has a value of 1.

Conversion Process:

To convert alphabetic permissions to numeric, you need to evaluate each set of permissions (owner, group, others) and convert them to their numeric equivalent based on the sum of their values.
  1. Owner Permissions:
    • Analyze the first three characters of the symbolic representation (ignoring the file type indicator).
    • Calculate the sum of the permissions, using the values assigned to `r`, `w`, and `x`.
    • This sum gives you the first digit of the octal representation.
  2. Group Permissions:
    • Repeat the process for the next three characters.
    • The sum provides the second digit of the octal representation.
  3. Others Permissions:
    • The last three characters are analyzed similarly.
    • The sum gives the final digit of the octal representation.

Example: Consider the symbolic permission string `-rwxr-xr--`. To convert this to numeric format:
  1. Owner (`rwx`):
     `r`=4, `w`=2, `x`=1
     Sum = 4 + 2 + 1 = 7
  2. Group (`r-x`):
     `r`=4, `x`=1 (no `w`, so 0)
     Sum = 4 + 0 + 1 = 5
  3. Others (`r--`):
     `r`=4 (no `w`, no `x`, so 0 + 0)
     Sum = 4 + 0 + 0 = 4
Hence, the numeric (octal) format is `754`.
Practical Application: On a Unix system, this conversion can be done mentally with practice or by using a simple script that automates the process, especially useful when dealing with a large number of files or complex permissions. Remember, understanding and accurately setting file permissions is essential for maintaining system security and functionality.

File Permissions setting is stored on disk in Numeric Form

The file permissions setting is stored on disk in numeric form, and working directly with this numeric representation is frequently the most convenient way to manipulate permissions. In the numeric representation, the three permission bits (r, w, x) at each level (user, group, other) are read as a 3-bit binary number, with r having value 4,w having value 2, and x having value 1.
For example,

rw-      =  4 + 2 = 6
r-x      =  4 + 1 = 5
--x      =  1  

rwx = 7
Because the largest value possible (rwx) is 7, each set of permission bits can be represented by a single octal [1] digit between 0 and 7. The collection of all three sets of rwx bits is then represented as a three-digit octal number. For example, the decimal number 10 means the number consists of one 10 and zero ones.
In octal, the decimal number 10 would be represented as 12 which is one 8 and two 1s. For example,
rw-rw-r--    = 664
r--r--r--    = 444
rwx------    = 700

Converting Access Permissions

Read the text below to enhance your knowledge of converting access permissions from one form to the other.
The statements below match access permission bits in alphabetic format to their corresponding octal numeric format:
  1. r--r----- is 440
  2. r-xr-xr-x is 555
  3. rwxr-xr-x is 755
  4. r-------- is 400

You can change file permissions using the chmod command. In Unix, file permissions, which establish who may have different types of access to a file, are specified by means of
  1. access classes and
  2. access types.
Access classes are groups of users, and each may be assigned specific access types.
The access classes are
  1. user,
  2. group,
  3. other, and
  4. all.
These refer, respectively, to the user who owns the file, a specific group of users, the other remaining users who are not in the group, and all three sets of users. Access types (read, write, and execute) determine what may be done with the file by each access class.

Process Ownership

The owner of a process can send the process signals and can also reduce (degrade) the process’s scheduling priority. Processes actually have multiple identities associated with them: a real, effective, and saved UID; a real, effective, and saved GID; and under Linux, a "filesystem UID" that is used only to determine file access permissions. Broadly speaking, the real numbers are used for accounting and the effective numbers are used for the determination of access permissions. The real and effective numbers are normally the same. Saved IDs have no direct effect. They allow programs to park an inactive ID for later use, facilitating the parsimonious use of enhanced privileges. The filesystem UID is generally explained as an implementation detail of NFS and is usually the same as the effective UID.

[1]octal: An octal number is a number based on 8s, just as a decimal number is based on 10s.

SEMrush Software5