home | O'Reilly's CD bookshelfs | FreeBSD | Linux | Cisco | Cisco Exam  

13.4 Modifying Permissions

The permissions on a file or directory define who (in broad categories) can do what (more or less) to that file or directory. Under UNIX, the typical way to change permissions on a file is with the chmod command. As a Windows user, you may be more used to the attrib command. Perl changes permissions with the chmod function. This operator takes an octal numeric mode and a list of filenames, and attempts to alter the permissions of all the filenames to the indicated mode. To make the files fred and barney with both read/write attributes, for example, do something like this:


In short, the UNIX (and Perl) concept of file permissions consists of a bit for read, write, and execute rights for the user, the user's group, and everyone else. These bits are combined to create the mode. Because Win32 systems have a significantly different concept of permissions, you don't need to worry about all of the different possible values for the mode. Table 13.1 presents a couple of key values.

Table 13.1: Key Values for File Permissions






Read only

Win32 systems determine whether or not a file is executable based on the file extension, so we're not going to worry about the execute bits. Furthermore, even though some Windows NT filesystems support advanced user/group rights, the current Perl implementation doesn't support access to these rights via chmod .

The return value of chmod is the number of files successfully adjusted (even if the adjustment does nothing); so chmod works like unlink , and you should treat it as such with regard to error checking. Here's how to change the permissions of fred and barney while checking the errors for each:

foreach $file ("fred","barney") {
        unless chmod (0666,$file) {
            warn "hmm... couldn't chmod $file.$!";

The Win32::File [ 2 ] extension module provides a way to access and set traditional DOS file attributes like the archive, system, and hidden attributes. This package consists of just two methods: GetAttributes and SetAttributes . Table 13.2 lists the attributes and their significations.

[2] See Appendix B, Libraries and Modules , for an explanation of the Win32 extensions.

Table 13.2: DOS File Attributes and Their Significations




The file has been modified since it was last archived.


The file is a directory.


The file is hidden (that is, it won't normally appear in directory listings).


The file is a normal (read/write) file.


The file is read-only.


The file is a system file (among other things, it can't be deleted without first changing the attributes).

To combine attributes, use the bitwise or operator |. Here's an example of how to make a file read-only, without changing its other attributes:

use Win32::File;
Win32::File::GetAttributes("foo.txt", $attrib) || die $!;
Win32::File::SetAttributes("foo.txt", $attrib | READONLY) ||
        die $!;

Although we won't get to references until Chapter 18, CGI Programming , the $attrib is just that. For now, just know that upon returning from GetAttributes , $attrib will contain an attribute mask consisting of some combination of the values outlined above.

To set user permissions on NTFS filesystems, use either the Win32::FileSecurity extension module, or the Windows NT cacls.exe program, which provides a command-line interface to file permissions.