Access control is implemented using a set of properties called the access mode, stored in the inode. Three classes of user are defined:
The user who owns the file.
The group that owns the file.
All other users on the system.
Three permissions are either granted or not granted to each class of user:
- Read (
Allows access to file contents and listing of directory contents.
- Write (
Allows writing a file or creating files in a directory.
- Execute (
Allows execution of a file and ability to read/write files in a directory.
- Read (
These comprise nine bits in the mode User
rwx, and Other
Three additional mode bits are defined:
To grant processes the rights of an executable file’s owner.
To grant processes the rights of an executable file’s group.
- Sticky bit
Prohibits file deletion by nonowners.
These 12-mode bits are often referred to in octal notation as well as with mnemonic constructs.
Mode bits are displayed using such commands as ls and stat.