Wesley Wright discusses the number vs. letter chmod debate in an e-mail message copied here:

chmod changes the mode (privileges, protection, whatever) of EXISTING files.

An alternate form of the chmod command -- and the form preferred by some members of this list -- is to use the "absolute mode" format rather than the [who]+permission format.

Absolute mode sets and clears file protection bits. If I issue an "ls -l" command, I might see something like this:

drwxr-xr-x 20 waw staff 2048 Feb 15 12:09 waw

the "d" means this is a directory. The next nine characters indicate that the User (me) has read, write, and execute permission, the Group (my buddies, as determined by root) has read and execute, and everyone else (you) has read and execute.

These nine characters could just have well been '0's and '1's:

drwxr-xr-x 20 waw staff 2048 Feb 15 12:09 waw


Let's break 111101010 into octal characters:

111 | 101 | 101

7 5 5

or, 755. This is the Absolute Mode of directory waw.

Thus, if I wanted a file to have the permissions User Read and write, Group Read, and Other Read, this might look like




110 | 100 | 100

6 4 4

So I could issue the command

chmod 644 filename,

Which is similar to

chmod a+r filename.

* * * * * * *

Then there is umask...

umask works a little differently. umask wants a "mask" identifying which permissions to DENY, rather than allow. This mask applies to all subsequent files created by the user's process (i.e., until logout or another umask command).

Thus, if I wanted all subsequent files created to *not* have write access by Group and Others,



000 | 010 | 010
0 2 2

I would issue a umask 022 command.

Exercise Question: If I didn't want anyone but me to have any access at all, what is the proper umask?

* * * * * * * * * * * * * * * * *

Now, here's the really fun part. Most of us are probably creating our html and gif files on Macs and PCs, and uploading these files to our WWW server using FTP. From our local ftp client (Fetch on Macintoshes, perhaps winFTP or W-FTP on Windows, or even the command-line FTPs used by WinQVT or DOS or anothe unix machine), we can issue the following commands to the host machine:

site chmod (absolute mode) filename
site umask mask

Thus, if I was going to upload new files to my public_html directory, I would first issue a

site umask 022

command, and then start "put"ing files. I could also send

site chmod 600 index.html
cd ..
site chmod 700 public_html

and shut off access to http://server.uvm.edu/~mydirectory entirely.