View source for File System Permissions

===Unix-based Systems===
  ##-##: doesn’t allow
  ##r##: allows read
  ##w##: allows write
  ##x##: allows execute, or on directories, allows access to contents

#|
*| Number | Permission | Symbolic Notation |*
|| 0 | None | ##—## ||
|| 1 | Execute only | ##–x## ||
|| 2 | Write only | ##-w-## ||
|| 3 | Execute and write (1 + 2 = 3) | ##-wx## ||
|| 4 | Read only | ##r–## ||
|| 5 | Read and execute (4 + 1 = 5) | ##r-x## ||
|| 6 | Read and write (4 + 2 = 6) | ##rw-## ||
|| 7 | Read, write, and execute (4 + 2 + 1 = 7) | ##rwx## ||
|#


#|
*|  | owner | group | others |*
|| read | r 	- 	-  | r 	- 	- | r 	- 	- ||
|| write | - 	w 	- | - 	w 	- | - 	w 	- ||
|| execute | - 	- 	x | - 	- 	x | - 	- 	x ||
|#


#|
*| Symbolic Notation | Numeric Notation | English |*
|| ##~----------## | 0000 | no permissions ||
|| ##~-rwx------## | 0700 | **read, write, & execute only for owner** ||
|| ##~-rwxrwx---## | 0770 | read, write, & execute for owner and group ||
|| ##~-rwxrwxrwx## | 0777 | read, write, & execute for owner, group and others **SECURITY RISK** ||
|| ##~---x--x--x## | 0111 | execute ||
|| ##~--w--w--w-##  | 0222 | write ||
|| ##~--wx-wx-wx## | 0333 | write & execute ||
|| ##~-r--r--r--## | 0444 | read ||
|| ##~-r-xr-xr-x## | 0555 | read & execute ||
|| ##~-rw-rw-rw-## | 0666 | read & write ||
|| ##~-rwxr-----## | 0740 | owner can read, write, & execute; group can only read; others have no permissions ||
|# 	 	

Numeric Notation:  octal integer, precedes the number with a 0 (zero), e.g. ##0644##

====Directory and File Permissions====

#|
*| Permissions | Directory | File |*
|| Most secure | ##755## | ##644## ||
|| Least secure | ##777## | ##666## ||
|#

Directories need to allow for access to their contents, so for each scope (owner, group, world), directory permissions will nearly always be one of the execute permissions: ##1##, ##3##, ##5##, or ##7##.

In a web application, no files themselves need execute privileges because the web server is controlling the process that actually executes the PHP. So the typical options will be ##4## or ##6##.

Usually **only the owner** needs write permissions, and group/world just need read.