Controlling File Permissions
The File Mode
Every file contains a set of permissions that define which processes
are allowed to access it. The file type (e.g., unnamed pipe, character
device and so on) and its access permissions are packed within a 16-bit
integer called the "file mode". The lowest 12 bits thereof indicate the
file's access permissions and permission modifiers. A file mode is
often encoded as a string of six octal digits. The low order three
digits are the access bits, the next digit indicates the file
permission modifiers, and the final two digits indicate the file type.
Thus, the file mode 0041755 represents a file type of 04 (note: the
leading zero indicates an octal number), a file permission modifier 1,
and the access bits are 0755.
Checking a File's Permission
The access() function declared in
whether it can access a given file in a specified manner, for example,
to check whether it can read a file. access() has the following
int access (const char * path, int mode);
The mode argument consists of one or more of the following values
combined using the bitwise OR operator:
F_OK does the file exist?
R_OK can the current process read from the file?
W_OK can the current process write to the file?
X_OK can the current process execute the file?
access() returns 0 if the access mode(s) passed as the second argument
are permitted. Otherwise, the function returns an EACCESS error code.
In the following example, the program first checks whether it can
execute a file, called "myprog.exe", before calling the system()
result = access ("myprog.exe", X_OK);
Changing a File's Permission
The chmod() and fchmod() system calls enable you to change a file's
access permissions. Both functions are declared in
int chmod(const char * pathname, mode_t mode);
int fchmod(int fd, mode_t mode);
A file's permissions apply to an inode. Therefore, if a filename has
multiple links, then changing its permissions will affect all those
links. Note that only the root user and the file's owner may change its
access permissions; other users will get an EPERM error code. chmod()
takes a string as a file's identifier whereas fchmod() takes a file's