d rwx rwx rwx
| |-| |-| |-|
|  |   |   |
|  |   |   |
|  |   |   other (everyone else, inclusive) permissions
|  |   |
|  |   group permissions
|  |
| owner permissions
|   first position:
|     files:
|       r = owner can read the file
|       - = owner can't read
|     directories:
|       r = owner can list contents of the directory
|           (but can't necessarily get to them)
|       - = owner can't list the contents of the directory
|           (but might be able to get to them)
|   second position:
|     files:
|       w = owner can write/modify the file
|       - = owner can't write/modify the file
|     directories:
|       w = owner can write or delete files from the directory
|         note: a user can "modify" a file that's owned by another user
|              by reading it (requires read permission), deleting it,
|              and then writing a file with the same name. This will
|              change the ownership of the file.
|       - = owner can't write or delete files from the directory 
|   third position:
|     files:
|       x = execute (run as a program)
|       S = set the user id of the process to the
|           owner of the program (instead of the id of the
|           user executing the program) for the duration of the
|           program being run. S alone does not give the owner
|           execute permission.
|       s = S semantics with x permissions
|  
------  d = directory
        p = named pipe/fifo (man mkfifo)
        s = unix domain socket (man socket)
        l = symbolic link (man ln)
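
An added example, not part of the original diagram: a small parser that turns the ten-character string above into a numeric mode and flags the two cases the diagram singles out (S versus s, and directories that non-owners can write to). It goes beyond the diagram in two labelled ways: it also accepts the group s/S and the sticky t/T letters, and it treats "-" as a regular file. The names parse_mode and review are made up for this example.

```python
import stat

# Type characters from the diagram, plus "-" for a regular file.
TYPES = {"-": stat.S_IFREG, "d": stat.S_IFDIR, "p": stat.S_IFIFO,
         "s": stat.S_IFSOCK, "l": stat.S_IFLNK}

# (read, write, execute, special bit, letters for special with/without x)
CLASSES = [
    (stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR, stat.S_ISUID, "sS"),  # owner
    (stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP, stat.S_ISGID, "sS"),  # group
    (stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH, stat.S_ISVTX, "tT"),  # other
]

def parse_mode(text):
    """Convert an ls-style string such as '-rwSr--r--' to a numeric mode."""
    if len(text) != 10 or text[0] not in TYPES:
        raise ValueError(f"unsupported mode string: {text!r}")
    mode = TYPES[text[0]]
    for i, (r, w, x, special, (with_x, without_x)) in enumerate(CLASSES):
        rc, wc, xc = text[1 + 3 * i:4 + 3 * i]
        if (rc not in "r-" or wc not in "w-"
                or xc not in ("x", "-", with_x, without_x)):
            raise ValueError(f"bad permission triplet in {text!r}")
        mode |= r if rc == "r" else 0
        mode |= w if wc == "w" else 0
        mode |= x if xc in ("x", with_x) else 0          # lowercase implies x
        mode |= special if xc in (with_x, without_x) else 0
    return mode

def review(text):
    """Return notes on the bits the diagram marks as security-relevant."""
    mode, notes = parse_mode(text), []
    if stat.S_ISREG(mode) and mode & stat.S_ISUID:
        if mode & stat.S_IXUSR:
            notes.append("setuid: runs with the file owner's user id")
        else:
            notes.append("setuid set, but owner has no execute permission")
    # The diagram's note: write access to a directory lets a user delete a
    # file and recreate it under the same name. The sticky bit (assumption:
    # not covered by the diagram) restricts deletion to the file's owner.
    if stat.S_ISDIR(mode) and mode & (stat.S_IWGRP | stat.S_IWOTH):
        if not mode & stat.S_ISVTX:
            notes.append("writable by group or other, no sticky bit")
    return notes

if __name__ == "__main__":
    # Constructed sample strings, not taken from a real system.
    for sample in ("-rwsr-xr-x", "-rwSr--r--", "drwxrwxrwx", "drwxrwxrwt"):
        print(sample, oct(parse_mode(sample)), review(sample))
```

stat.filemode() from the standard library performs the reverse conversion, so it can be used to cross-check the parser.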