What are file permissions in Linux? Explain `chmod`, `chown`, special bits (SUID, SGID, sticky), and the meaning of 755 / 644 / 600.
Linux file permissions control who can read (r), write (w), and execute (x) a file, for three categories: owner (u), group (g), others (o).
chmod — change permissions. Numeric (octal) or symbolic.
chown — change owner / group: `chown user:group file`.
Octal cheat sheet: r=4, w=2, x=1.
755 = rwxr-xr-x (executables, directories).
644 = rw-r--r-- (config, source files).
600 = rw------- (SSH keys, secrets).
700 = rwx------ (private executable / SSH dir).
Special bits:
SUID (4xxx) — file runs with the owner's privileges. Why `passwd` can edit `/etc/shadow` as a regular user.
SGID (2xxx) — new files inside a directory inherit the directory's group.
Sticky bit (1xxx) — only the file's owner (or root) can delete it. Why `/tmp` is safe to share.
```bash
# Numeric (octal) permissions
chmod 755 deploy.sh            # rwxr-xr-x → executable script
chmod 644 config.yaml          # rw-r--r-- → config / source file
chmod 600 ~/.ssh/id_ed25519    # rw------- → SSH private key (must be 600!)

# Symbolic permissions
chmod u+x script.sh            # add execute for owner
chmod g-w shared.txt           # remove write from group
chmod o= secret.txt            # remove ALL access for others

# Change owner / group
chown alice:devs file.txt      # owner=alice, group=devs
chown -R www-data:www-data /var/www

# Special bits
chmod u+s /usr/bin/passwd      # SUID — runs as owner (root)
chmod g+s /shared              # SGID on dir — new files inherit group
chmod +t /tmp                  # sticky bit — only owner can delete files
```

Octal permissions: each digit = (read=4) + (write=2) + (execute=1). 755 = owner rwx, group r-x, others r-x — typical for executables and directories. 644 = owner rw-, group/others r-- — typical for config and code files. 600 = owner rw-, no one else — secrets and SSH keys.
Most candidates can read 755/644 but stumble on special bits. SUID is why /usr/bin/passwd works without sudo.
Sticky bit on /tmp prevents users from deleting each other's files. Naming these correctly signals real Linux depth.
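To check an existing tree for the bits described above, the following is an added example (not part of the original answer) that uses `find -perm` to list SUID/SGID files, world-writable directories that lack the sticky bit, and private keys that are not owner-only. The function name `audit_perms`, its finding labels, and the assumption that private keys are named `id_*` (with `.pub` for the public half) are illustrative choices.

```shell
#!/bin/sh
# audit_perms DIR: print one "<FINDING> <path>" line per permission issue under DIR.
# Function name and finding labels are hypothetical, chosen for this example.
audit_perms() {
    root=$1
    {
        # -perm -4000 / -2000: the SUID / SGID bit is set (other bits may be too).
        find "$root" -xdev -type f -perm -4000 | sed 's/^/SUID /'
        find "$root" -xdev -type f -perm -2000 | sed 's/^/SGID /'

        # World-writable directory (others have w = 0002) without the sticky
        # bit (1000): any user can delete or rename other users' files in it.
        find "$root" -xdev -type d -perm -0002 ! -perm -1000 |
            sed 's/^/WORLD_WRITABLE_NO_STICKY /'

        # Private keys (assumed naming: id_*, excluding *.pub) must be
        # owner-only. "-perm 600" with no prefix is an exact match on all bits.
        find "$root" -xdev -type f -name 'id_*' ! -name '*.pub' \
            ! -perm 600 ! -perm 400 | sed 's/^/KEY_NOT_PRIVATE /'
    } | sort
}

# Stand-alone use: sh audit.sh /some/dir
if [ "$#" -gt 0 ]; then
    audit_perms "$1"
fi
```

Review each SUID/SGID hit against what the distribution ships by default; an unexpected one is worth investigating before clearing it with `chmod u-s` or `chmod g-s`.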