LAB-PERM-01 - The Permission Trinity (rwx)

ACL Permission Management

The Permission Trinity (rwx)

Read Linux permission strings confidently and explain what read, write, and execute mean for files versus directories.

30 min BEGINNER LINUX Field-verified

Prerequisites

Lab LAB-USER-01 - Understanding Users & Identity

Success criteria

Read a basic permission string such as -rw-r--r-- or drwxr-xr-x.
Explain how file permissions differ from directory permissions.

Safety notes

Do all permission experiments in a practice area, not in important directories.

Part A: The Field Guide

When you run ls -l, the first block of characters tells you a lot about access.

Example:

-rw-r--r--

The pattern is:

first character: what kind of thing this is
next three: owner permissions
next three: group permissions
last three: other permissions

The first character

- means a regular file
d means a directory
l means a symbolic link

The three permission letters

r means read
w means write
x means execute or traverse
- means that permission is missing

Important Distinction

On a file, x usually means the file can be run as a program or script. On a directory, x means you can enter or traverse the directory.

File versus directory behavior

For a file:

r: read the contents
w: change the contents
x: run the file if it is executable content

For a directory:

r: list names inside it
w: create, rename, or remove entries inside it
x: enter the directory or pass through it

Part B: The Drill Deck

Terminal required: keep everything in a harmless practice area.

Exercise G1: Read one file permission string

Run ls -l /etc/passwd
Identify the file type character
Read the owner, group, and other chunks out loud
State what each chunk allows

Exercise G2: Read one directory permission string

Run ls -ld /tmp
Notice the leading d
Explain why execute on a directory means traverse, not run

Exercise G3: Build your own example

Run mkdir -p ~/perm_lab && cd ~/perm_lab
Run touch example.txt
Run ls -l example.txt
Interpret the result in plain language

Exercise S1: Decode mentally

Explain these permission strings in plain language:

-rwxr-x---
drwxrwxr-x
-r--------

Exercise S2: Directory logic check

If a directory gives you read but not execute, what can you observe, and what can you not do? Answer in words before testing it later.

Mission M1: Explain the directory case

In your own words, explain why deleting a file depends partly on the permissions of the directory that contains it, not just the file itself.

If you can explain that clearly, the permission model is starting to become real instead of memorized.

Practice flow

Run the exercise carefully, then repeat the key steps once more in the same session without leaning on the instructions.

Open lesson Open Arena Back to Labs

Reflection

Which part of the permission string still takes effort to decode?
What changed once you separated file behavior from directory behavior?

If not yet, repeat the lab once more without leaning on the instructions.

Move on when

Decode a permission string without notes and explain owner, group, and other access.
Explain what execute means on a directory.

A lab counts when you can repeat it cleanly with much less help than the first time.

Practice review

After you finish, repeat this lab tomorrow with less reliance on the instructions.

Use spaced practice around day 1, day 2, day 5.
Try to predict the steps before you scroll.
Run the key commands or actions from memory first.
Use the lesson or Library only for the parts that still fail.

Lab context

Best for

Need structureSerious hands-on operatorStarting from zeroIT / support / sysadmin

Pathways

Career operator pathFoundations first

Practice fit

Beginner-safe Guided practice

This lab is designed to be attempted safely by newer learners if they stay inside the described sandbox or practice folder.

Expect tighter prompts and a more protected workflow while the skill is still forming.

Revisit the lesson

Module M12 - Who Owns What: Users and Groups Module M14 - Users and Groups: CLI Module M15 - Permissions: NTFS and Linux rwx Module M17 - Permissions Lab: Diagnose and Fix

Topics

permissionsrwxls -lreadwriteexecute

Reference support

Library permissions Library rwx Library ls -l Library read

On this page