
What is the significance of “+” and “@” in Mac OS X file permission tables?

If you open Terminal in Mac OS X and type the following:

ls -la

You will see a list of files, both visible and hidden, in your home directory. The first column shows the permission table for each file (for example, -rw-r--r--), which anyone with some familiarity with Unix filesystems will recognize. However, you will also notice a “+” or “@” symbol to the right of the permission table of some files. What are these?

The “@” symbol

This indicates that the file has additional attributes. You can see these additional attributes by typing the following command:

xattr -l <filename>

What are these additional attributes used for? Here is one example. In Mac OS X 10.5, when you download a file from the Internet and then try to open it, an alert box warns that the file was downloaded from the Internet using Safari (or whichever application was used) and asks whether you would like to open it. After you have opened the file once, the warning does not appear the next time the file is opened. Where is the flag for this behavior stored? In the additional attributes of the file. Try downloading a file from the Internet, navigate to it in Terminal, and type xattr -l <downloaded-file>. You will see the additional attributes of the file, which in this case are quite obviously used for file quarantine.

The “+” symbol

This indicates that the file has an ACL, short for Access Control List, which gives fine-grained control over file permissions beyond what is available with the regular Unix permission tables.

Typing the following will show these additional permissions for files in a directory:

ls -le
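The following script is an added example, not part of the original post. It reads `ls -le` output and reports each file's marker and ACL entry count. Because macOS `ls` prints “@” in preference to “+”, it also flags files where the “@” marker hides an ACL. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Print "name<TAB>marker<TAB>acl_entries" for every file in `ls -le` output on stdin.
summarize_ls_le() {
  awk '
    function emit() {
      if (name != "") printf "%s\t%s\t%d\n", name, marker, acl
    }
    # ACL entries printed by -e look like " 0: group:everyone deny delete"
    /^ *[0-9]+: / { acl++; next }
    # File lines: mode string in $1, optional marker as its 11th character
    NF >= 9 && $1 ~ /^[-dlbcps][-r][-w]/ {
      emit()
      m = substr($1, 11, 1)
      marker = (m == "@") ? "xattr" : ((m == "+") ? "acl" : "none")
      name = $9
      for (i = 10; i <= NF; i++) name = name " " $i   # names with spaces
      acl = 0
      next
    }
    END { emit() }
  '
}

# Files whose "@" marker hides an ACL: marker is xattr but ACL entries follow.
masked_acls() {
  summarize_ls_le | awk -F '\t' '$2 == "xattr" && $3 > 0 { print $1 }'
}

# Constructed sample of `ls -le` output (not captured from a real system).
sample_listing() {
  cat <<'EOF'
total 16
drwx------+ 5 alice  staff   160 Jan  5 10:00 Documents
 0: group:everyone deny delete
-rw-r--r--@ 1 alice  staff  2048 Jan  5 10:01 installer.dmg
-rw-r--r--  1 alice  staff   120 Jan  5 10:02 notes.txt
-rw-r--r--@ 1 alice  staff   512 Jan  5 10:03 shared file.txt
 0: user:bob allow read
EOF
}

sample_listing | summarize_ls_le
echo "ACL hidden behind @:"
sample_listing | masked_acls
```

On a real system, pipe `ls -le` into `summarize_ls_le` or `masked_acls` instead of the sample listing.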