Linux has two main permission layers:
1. Traditional permissions: user / group / others (UGO)
2. ACL permissions: extra permission rules for specific users/groups
1. Traditional UGO permissions
UGO means:
u = user owner
g = group owner
o = others
Example:
chmod ugo+x script.sh
means:
Give execute permission to user, group, and others.
Another example:
chmod 777 file.txt
means:
Owner = read + write + execute
Group = read + write + execute
Others = read + write + execute
So 777 is very broad. It gives everyone full access.
r = 4
w = 2
x = 1
7 = 4 + 2 + 1 = rwx
So:
777 = rwxrwxrwx
This is usually not safe, especially for shared systems.
2. ACL permissions
ACL means Access Control List.
ACL lets you give permission to specific extra users or groups, without changing the main owner/group/others permissions.
Example:
setfacl -m u:john:rwx project.txt
This gives user john read, write, and execute permission on project.txt.
Check ACL:
getfacl project.txt
Remove John’s ACL:
setfacl -x u:john project.txt
Main difference
| Feature | UGO / chmod | ACL / setfacl |
|---|---|---|
| Basic permission system | Yes | Extended permission system |
| Controls owner, group, others | Yes | Yes, but with extra rules |
| Give permission to one specific extra user | Limited | Yes |
| Good for simple permissions | Yes | Yes |
| Good for complex/shared access | Not ideal | Better |
| Example | chmod 755 file | setfacl -m u:john:rwx file |
Example situation
Suppose you have this file:
ls -l report.txt
Output:
-rw------- 1 sayed sayed report.txt
Only sayed can read and write.
Now you want only john to also read it.
Bad approach:
chmod 777 report.txt
This gives everyone full access.
Better approach:
setfacl -m u:john:r report.txt
This gives only John read permission.
Simple summary
chmod / UGO = basic permissions for owner, group, and everyone else.
ACL = extra detailed permissions for specific users or groups.
Use chmod 777 only in rare testing situations. For real systems, ACL is safer when you want to give access to one specific user or group.
REF: AI Tools/ChatGPT
