How to Set File Permissions on Mac

MacOS logo

Like all major operating systems, macOS allows you to restrict access to files using a complex set of file permissions. You can set them yourself using the Finder application or by using the chmod command in your Mac terminal. Here’s how.

Setting Mac File Permissions Using Finder

If you want to set permissions for a file on your Mac without using the terminal, you’ll need to use the Finder app.

You can launch the Finder from the Dock at the bottom of your screen. The application is represented by the smiling Happy Mac logo icon.

The Finder icon in the macOS Dock

In a Finder window, you can view and set permissions by right-clicking on a file or folder and selecting the “Get Info” option.

Right-click on a file and press Get Info to access file permissions on macOS

Detailed information about your file or folder can be found in the “Info” window that opens. To set file permissions, however, you must click the arrow next to the “Sharing and Permissions” option.

This will display a list of accounts or user groups on your Mac, with the access levels listed in the “Privilege” category.

If the account or user group for which you want to set permissions is not listed, select the Plus (+) icon at the bottom of the window.

Tap the plus icon at the bottom of the Get Info window

Choose the user or group in the selection window, then click the “Select” button. This will add it to the list.

Select a user or group of users, then press Select to add that user or group to the file permissions list on macOS

Access levels are self-explanatory – users with “Read only” access level cannot edit files, but they can access them. If an account is defined at the “Read and write” level, they can do both.

To change this for a user or group in the list, click the arrow next to the existing level for that account or group, then select “Read Only” or “Read and Write” from the list.

Setting user group permissions for a user on macOS

Authorizations are immediately defined. Close the “Info” window when you are done.

Setting Mac File Permissions Using the Terminal

If you have used the chmod command on Linux, then you will be aware of its power. With a single terminal command, you can set read, write, and executable permissions for files and directories.

RELATED: How to use the chmod command on Linux

However, the chmod command is not just a Linux command. Like many other Linux terminal commands, chmod dates back to Unix in the 1970s – Linux and macOS both share this heritage, which is why the chmod command is available in macOS today.

To use chmod, open a terminal window. You can do this by pressing the Launchpad icon on the Dock and clicking on the “Terminal” option in the “Other” folder.

You can also use Apple’s built-in function Spotlight Search to open the terminal.

View permissions on current files

To view the current permissions for a file, type:

ls – @ l file.txt

Replace “file.txt” with your own file name. This will show all user access levels, as well as any extended attributes relevant to macOS.

The ls command on the macOS terminal

The file permissions for the file are displayed in the first 11 characters output by the ls command. The first character, a dash in (-), shows that it is a file. For files, it is replaced by a letter (d) instead.

The ls command on the macOS terminal displaying files and folders

The following nine characters are divided into groups of three.

The first group displays the access levels for the owner of the file / folder (1), the middle group displays the group permissions (2) and the last three display the permissions for any other user (3).

File permissions underlined using the ls command on the macOS terminal

You will also see letters here, such as r (read), w (write) and x (run). These levels are always displayed in this order, for example:

— would mean no read or write access, and the file is not executable.
r– would mean that the file can be read, but not written, and that the file is not executable.
rw- would mean that the file can be read and written, but the file is not executable.
r-x means that the file can be read and executed, but not written.
rwx means that the file can be read, written and executed.

If the last character is an at (@) sign, it means that the file or folder has extensive file attributes related to security, giving some applications (such as Finder) persistent access to files.

This is partly related to new security features introduced in macOS Catalina, although file access control lists (ACLs) have been a Mac feature since macOS X 10.4 Tiger in 2005.

RELATED: How new security features in macOS Catalina work

Setting file permissions

To set file permissions, you will use the chmod command on the terminal. To remove all existing permissions, set read and write access for the user while allowing read access for all other users, type:

chmod u = rw, g = r, o = r file.txt

The flag u defines the permissions for the owner of the file, g refers to the user group, while o refers to all other users. Using an equal sign (=) clears all previous permissions for this category.

In this case, the owner of the file gets read and write access, while the user group and other users get read access.

The chmod command used on the macOS terminal

You can use a plus sign (+) to add access to a user level. For example:

chmod o + rw file.txt

This would grant all other users read and write access to the file.

An alternative use of chmod on the macOS terminal

You can use the minus (-) to remove this instead, for example:

chmod o-rw file.txt

This would remove read and write access for all other users of the file.

Removal of the permissions of all other users using chmod on the macOS terminal

To delete, add or delete user permissions for all users, use the a flag instead. For example:

chmod a + rwx file.txt

This would give all users and user groups read and write access to your file, and allow all users to run the file.

Great power comes with great responsibility, and there is no doubt that the chmod command is a complete and powerful tool for modifying file permissions on the Mac. You can, for example, replace the letters (rwx) with a combination of three (or four) octal digits, up to 777 (to read, write and execute).

If you want to know more, type man chmod on the terminal to read the full list of available indicators and parameters.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.