Editing basic UNIX file permissions with SFTP clients

The basic description of a file on unix derived systems (Macs and Linux) is that it has an owner, a group and a set of permissions.

In the examples above (taken from Cyberduck on the Mac and WinSCP on the PC) you can see the file and folder names, their sizes the owner id, the group id and the permissions.

The permissions are divided into three blocks. The first block contains the permissions for the owner of the file, the second for the group of the file and the final block is for everyone else.

Each block may contain up to three of the letters R, W and X.

• R: The file or folder may be Read by the person or group related to this block
• W: The file or folder may be Written by person or group related to this block
• X: The folder may be opened or the file may be eXecuted by the person or group related to this block

• The Folder with the permissions rwxr-xr-x can be opened and read by anyone, but only written to by its owner.
• File1 can be read by anyone and written by the owner and the group
• File2 can be read by anyone but only written to by the owner

In Cyberduck pressing cmd-i shows the info dialogue where these permissions can be changed, if you are the file owner.

To grant a group the permission to write to a folder one would tick the "write" box on the "group" line. Apply changes recursively will change the permissions of all the contents of a folder as well.

Similarly, in WinSCP can press F9, or right-click and choose properties to see a properties dialogue.

Access Control Lists

All the file servers in the department understand Windows ACLs. Unfortunately Mac clients don't understand them reliably. They should be avoided until Apple get their act together.