Setting Sensible File and Folder Permissions in Linux
This is a guide for setting sensible file and folder default permissions in Linux
File permissions
Generally files should have the permissions of 644. This means that the owner can read and write, others can only read. No one has execute permissions by default. This keeps files from being able to be used maliciously. You can visualize the permissions and numbers below:
| Permission | Owner | Group | Anyone |
|---|---|---|---|
| Read (4) | X | X | X |
| Write (2) | X | ||
| Execute (1) | |||
| TOTAL | 6 | 4 | 4 |
Directory permissions
Directories should usually have the permissions of 755. This means that owners have full permissions, but others can only "read" and "execute" directories, here that means "open them" and see their contents. You can visualize how this looks below:
| Permission | Owner | Group | Anyone |
|---|---|---|---|
| Read (4) | X | X | X |
| Write (2) | X | ||
| Execute (1) | X | X | X |
| TOTAL | 7 | 5 | 5 |
How to set these permissions recursively
Here is a helpful command to set all directory permissions recursively.
find * -type d -exec chmod 755 {} +
Here is a helpful command to set all file permissions to sensible defaults:
find * -type f -exec chmod 644 {} +