Every Web page has permissions set behind the scenes, which allow the creator of the page and other individuals to read that page on the Web and/or to make changes to that page.
There are three categories of users:
There are three types of permissions (usually called modes):
The meaning of each type of permission is different for files and directories:
|Permission||What it means for a file||What it means for a directory|
|Read||view file contents||list files in directory|
|Write||change file contents||create and remove files|
|Execute||execute file as a command||search the directory|
At your Unix prompt (e.g., spot>), go to the web directory where you want to make changes. For example, if you are making your own personal web pages, you would type:
If, on the other hand, you are working on your department's or other University-related web pages, the directory would most likely be in /htdocs. If so, you would need to type:
|- r w x||r w x||r w x|
We can see that the file index.html is readable and writable by the User, and readable by the Group and Other. No other permissions have been allowed; thus, the rest of the spaces contain dashes as placeholders. Because the read permission for Other is set, this file is viewable on the Web.
To look at the permissions for a Web directory, type:
ls -ld public_html drwx-----x 2 smith 512 Aug 16 13:52 public_html
The above directory (note the initial "d" in the first column) has read, write, and execute permissions for the User, and execute for Other. This directory is viewable on the Web.
In general, the User (ie, owner of the directory or file) should be able to read and write all files they own and read, write AND execute all directories they own.
The group-owner, if there is one, should be able to do the same. A group-owner is really a collection of people who are granted write-access to the directory and/or files by the authority of the primary owner. Since group-owners are there to help maintain the web pages, they should have the same permissions as the primary owner. However, this does not mean that they can change the permissions of the file or directory, and they don't have the authority to request changes to group-owner membership. Only the primary owner (AKA "User") has the authority to make permissions and access changes.
IMPORTANT NOTE: Once a member of the group that has group-ownership of a directory creates a new file, that person is the owner of the file that s/he just created. Thus, that person now has the responsibility to set the permissions correctly for that file.
Finally, the Other permissions are generally set to allow only read access to files and execute access to directories. Setting write access for Other is very dangerous, since then anyone with access to the server could make changes to your web pages!
For Web pages on www.colorado.edu with a group-owner, you'll need these minimum permissions set:
|User/Owner||read, write, execute||rwx|
|Group||read, write, execute||rwx|
|User/Owner||read, write, execute||rw-|
|Group||read, write, execute||rw-|
Use the command chmod to change the mode (ie permissions) of a file or directory.
To change permissions for the directory under /htdocs/somedepartment called images, type the following, then hit Return:
NOTE: you must be in the directory /htdocs/somedepartment before typing the command. See instructions above for how to change your directory location.
For the file called index.html, type the following, then hit Return:
If you receive an error trying to view or change Web pages, it is most likely a file or directory permission problem. Examples:
If other people receive permissions errors on your pages, review your permissions to be sure they match the minimums stated above. In cases where more than one individual has write privileges on a Web page or directory, permissions can sometimes be changed inadvertently when other individuals upload files.
You can also refer to the manual pages that reside on the Unix servers. To see the Unix manual pages about changing permissions, type: man chmod.
303-735-4357 (5-HELP) or email@example.com
7:30 a.m. – 8:00 p.m.
12:00 noon – 6:00 p.m.