Permission Rules

Three bits cover all authorization needs for a file:
Read, Write, eXecute
All combinations make sense

A process is nothing more than the execution of a file
Machine code files are executed by the kernel
Text files are executed by the shell
Files can also name their own interpreter

Three permission levels cover all authorization requirements
User, Group, Other users
Each user can be part of several groups

Privilege escalation of a process is managed by extra bits
Set-uid, set-gid
A process executing the program changes its own identity

You'll also hear about more complications introduced later
But this basic approach works for most needs