It has been suggested that the system protects users from interfering with files that aren't theirs. This is done using the permission bits and ownership information that is kept by the system for every file in the file system. These permission bits determine who may read, write, and execute the file. These permissions are divided into owner, group, and others. If only the owner permission bits are set, then only the owner may perform those functions on the file. Debian creates user accounts, each with their own group, and defaults the umask value to 002, which causes all files created, to have default permissions that match the user only, thus protecting any files created by this user account from inadvertent tampering.
Only the owner of a file, or root, may change the ownership of a file. This is done with the program chown which modifies the ownership to be that of another user account. If the file is permitted for read by others, then when Joe copies such a file from one of Fred's publicly readable directories, the file copied into Joe's directory will now be owned by Joe's user account. This give Fred the ability to let others use his material without letting them change any of the original files. To prevent such ``theft'' of a file, for material that is private, the permissions on the file need to be set to restrict read permission for others.
The command chmod is used to change the permissions of files in the file system. Only the owner (and root) may change the permissions on a file. If Fred wants to keep the file private.txt from being read by others, he would enter the following command:
chmod go-wxr private.txt
This removes all permissions from either group or others, to either write, execute, or read the file private.txt. Now only the fred account can read, write, or execute the file private.txt.