Understanding Linux Permissions

The home page web server managed by the CLAS Linux Group runs on the Linux operating system. Before going further, read Viewing Linux File and Directory Permissions and make sure that you understand the information on that page.

Permissions and Security

Permissions on web files and directories have security issues. Before you change permissions on a web file or directory, read File and Directory Permissions and Web Security!

Minimal Permissions for Web Directories and Files

At a minimum, your web directory and all subdirectories of your web directory that you want to be accessible on the web, must have execute permission for other.

Any file that you would like to be accessible via the Web must be located in your web directory or some directory under your web directory, and the file must have at least read permission for other.

Enabling Web Features with Permissions

Server-Side Includes

You can enable server-side includes by giving execute permission to user for any file under your web directory. Server-side includes allow you to create more feature-filled web pages.

Directory Indexing

If one of your web directories has both read and execute permission for other, and if the directory does not contain a file named index.html, index.htm, index.shtml, or index.php, then the web server will display a list of all files and directories in that directory. This is called directory auto-indexing. Be sure you understand the security issues involved with auto-indexing before you enable this feature!

Fixing Permissions

If you suspect you have the wrong permissions on some of your Web files and directories, you can use the fixpub command to fix all of them. To use fixpub, just execute the command:

fixpub

Running fixpub this way will break directory auto-indexing. If you want to use directory auto-indexing, then you must run fixpub with the -o command-line argument:

fixpub -o

You can also use the chmod command to change permissions on files and directories. For information about chmod, execute man chmod.