APLawrence - Information and Resources for Unix and Linux Systems, Bloggers and the self-employed
RSS Feeds Get APLawrence.com by RSS














(OLDER) <- More Stuff -> (NEWER) (NEWEST)
Printer Friendly Version


The cure for everything - chmod 777

2009/10/28



I admit that I have done a "chmod 777" when I should not have. Almost always that came from haste or frustration. Not frustration with Unix permissions, but frustration with whoever had daily care responsibility for the system - their inability to understand permissions might have driven me to this.

Sometimes it hardly matters. At many small businesses, everybody has "got root" anyway and has learned that this magic incantation will "fix" problems. Well, until it breaks a setuid program, of course. Nobody, NOBODY ever learns "chmod +w", do they?

Another rare breakage is /tmp. It's supposed to have the "t" bit set so that only the owners of files can delete, but I've had folks "777" it. Why? Who knows?

More usually the open permissions are applied to some common set of data. All goes well until someone removes (or just moves!) something that is needed by someone else, and then the crying starts.

The most horribly wrong things that can be done with permissions come from people who have learned about "-R" (recursive) or wild cards. Two or three times a year I find a system where someone has done a chmod to ".*". That's bad enough by itself, but when combined with -R, the results can be spectacular.

Unnecessary damage

What you should understand is that this is all unnecessary. Most of us who have to deal with the results of misunderstood chmod's wish that users didn't even know that the numeric form exists. There would be far fewer errors if users only knew the symbolic modes.

The symbolic form is also much more powerful. Consider this :

$ ls -l
total 0
-rw-r--r--  1 apl  apl  0 Oct 27 15:06 a
-rw-r--r--  1 apl  apl  0 Oct 27 15:06 b
-rwxr--r--  1 apl  apl  0 Oct 27 15:10 c

$ chmod a+X  a b c
$ ls -l
total 0
-rw-r--r--  1 apl  apl  0 Oct 27 15:06 a
-rw-r--r--  1 apl  apl  0 Oct 27 15:06 b
-rwxr-xr-x  1 apl  apl  0 Oct 27 15:06 c

ONLY the file that was already executable had full execution bits added - try THAT with Windows!

(If you did want to change all the files, you'd use "chmod a+x a b c")

But I'm being silly. People will continue to "chmod 777" anytime they have a problem. Program doesn't work? Chmod 777. Unexpected error? Chmod 777. Grinding noise inside the computer? Chmod 777. Too hot in here? Chmod 777.

Feeling frustrated by people changing permissions for no reason? By now you should know the cure. Say it with me: Chmod 777.

Don't you feel better now?



;



;


Click here to add your comments




Wed Oct 28 12:45:01 2009: Subject:   joe

gravatar
when everything fails often a chmod 777 solves.....
is the case one is in front its own limitations
regards.. sharing the hard life of thecnical support
joe. neuquen patagonia argentina



Thu Oct 29 16:37:37 2009: Subject:   anonymous

gravatar
yes! i feel better with chmod 770 on a OSX System with MORE than 1 User on it - the System neves me with created files that have 707 permission set - ahhhhrrgg ! fuc*-*ff




Sun Nov 1 21:13:16 2009: Subject: how can this be done on Linux?   anonymous

gravatar
Just curious, how I can grant access to a directory like the following within Linux?

* Tom: can read, write, delete, and create new files
* Marcy: can read files but nothing else
* Bill: can write only but not read other data
* Jake: can view directory contents only
* Everyone else: no access



Sun Nov 1 21:45:21 2009: Subject:   anonymous

gravatar
By setting ACL's. See the article at http://aplawrence.com/Unixart/using-acls.html

Don't miss responses! Subscribe to Comments by RSS or by Email

Click here to add your comments

If you want a picture to show with your comment, go get a Gravatar


numly esn 97290-091027-890038-67
numly barcode

Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more. We appreciate comments and article submissions.

Publishing your articles here

Jump to Comments



Many of the products and books I review are things I purchased for my own use. Some were given to me specifically for the purpose of reviewing them. I resell or can earn commissions from the sale of some of these items. Links within these pages may be affiliate links that pay me for referring you to them. That's mostly insignificant amounts of money; whenever it is not I have made my relationship plain. I also may own stock in companies mentioned here. If you have any question, please do feel free to contact me.

Specific links that take you to pages that allow you to purchase the item I reviewed are very likely to pay me a commission. Many of the books I review were given to me by the publishers specifically for the purpose of writing a review. These gifts and referral fees do not affect my opinions; I often give bad reviews anyway.

We use Google third-party advertising companies to serve ads when you visit our website. These companies may use information (not including your name, address, email address, or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you. If you would like more information about this practice and to know your choices about not having this information used by these companies, click here.


book graphic unix and linux troubleshooting guide

My Troubleshooting E-Book will show you how to solve tough problems on Linux and Unix systems!



 I sell and support
 Kerio Mail server




pavatar.jpg
More:
       - Linux
       - MacOSX


Unix/Linux Consultants

Skills Tests

Guest Post Here










My Favorites

Change Congress