File permissions in Interix

In Interix, each file has three sets of permissions: one for the owner, one for the file's group members, and one for everyone else. Each set of permissions consists of a read permission, a write permission, and an execute permission.

You can display file permissions with the ls -l command, which is the long-file listing of ls(1). The following example illustrates output of the ls -l command:

drwxr-xr-x 1  Jimbo  Accounting	 0   Aug 24  14:35 lib
-rwxr-xr-x 1  Jimbo  Accounting   342   Aug 27  00:20 stuff

In a permission list, such as drwxr-xr-x, the first character represents the file type (d or - in this example). The next nine characters represent permission bits. The list is divided into three parts: the owner permission set (rwx in this example), the group permission set (r-x in this example), and the permission set for everyone else (r-x). Each set can contain read (r), write (w), and execute (x) bits.

The following list describes the first character and each part of the permission list. For more information about permission lists and bits, see ls(1).

If you own a file or have appropriate privileges, you can change the permissions for the file with the chmod(1) command.

Files created in the Interix environment

When you create a file in Interix and view it with ls -l, the following permissions and attributes apply:

POSIX files are given three access control entries (ACEs) in Windows: one for the owner, one for the group, and one for the Everyone group, which represents everyone else. For more information on ACEs, see Windows object security. POSIX permissions work as follows:

Files created in the Win32 subsystem

A file created through the Win32 subsystem can have a number of ACEs associated with it. In addition, those ACEs might not fit neatly into the categories of user, group, and everyone else. The Interix tools will "assemble" permission from the available ACEs:

If the ACE used to determine the owner's permissions does not have a change permission (P) or a take ownership (O) permission, the chown(1), chgrp(1), and chmod(1) commands might not work as expected.

All objects on a file allocation table (FAT) file system or high-performance file system (HPFS) are owned by the Everyone user and the Everyone group.