A short explanation of POSIX permissions

DRWXR-XR-X reads like this: This is a directory denoted by the D (if it was a file there would just be a dash). The first three letters are the effective permissions for the owner of the file/folder in question, in this case, Read, Write, and eXecute. The next three letters are the effective permissions for the Group associated with said file/folder, in this case Read and eXecute only. The last set of three letters are the effective permissions for everyone else, in this case Read and eXecute only.

Permissions for files are always written in combinations of RWX, always in that order. You can have R–, RW-, -WX, etc. Permissions can be more complicated than this, but this is the general idea.

Repairing permissions basically resets permissions to factory defaults, or “the way Apple says they are supposed to be.” Note that repairing permissions does not affect anything inside a user folder, only outside, such as the Applications folder, where users do not have Write permissions. A repair permissions command would reset permissions on Applications to remove any write privileges that a user might have.

*** It gets more more technical below, so you can stop here for the general idea of permissions, or read on for more info.***

One last note, permissions can also be written in numerical form, such as 777, or 755, or 644, etc. think of it this way, a 7 corresponds to RWX, so a 777 would be RWXRWXRWX. A 5 would be R-X, so 755 would be RWXR-XR-X. This is because permissions are represented in octets. Each octet is made up of three numbers, 4,2,1. 4+2+1=7. In this case, R=4, W=2, and X=1, so RWX=7. I’m sorry if this is a little confusing.


About this entry