Chmod Calculator - Unix File Permission Calculator
How to Use the Chmod Calculator
Click the checkboxes in the permission grid to toggle read, write, and execute permissions for owner, group, and others. The numeric (octal), symbolic, and command representations update instantly. Use the common presets to quickly apply standard permission sets. Type a three-digit octal number in the reverse calculator input to update the grid from numeric notation.
Understanding Unix File Permissions
Every file and directory on a Unix or Linux system has three sets of permissions assigned to three categories of users: the file owner, the group, and everyone else (others). Each category can independently be granted read, write, and execute permissions, creating a flexible access control system.
The Three Permission Types
Read (r = 4) allows viewing the contents of a file. For directories, read permission allows listing the files inside. Without read permission, users cannot see what a file contains or what files exist in a directory.
Write (w = 2) allows modifying a file’s contents. For directories, write permission allows creating, deleting, and renaming files within that directory. This is the most sensitive permission since it controls who can change data.
Execute (x = 1) allows running a file as a program or script. For directories, execute permission allows entering the directory and accessing files within it. A directory needs execute permission for users to cd into it, even if they have read permission.
Octal Notation Explained
The octal (numeric) notation represents each permission set as a single digit from 0 to 7. Each digit is the sum of the permission values: read (4) + write (2) + execute (1). For example, 7 means all permissions (4+2+1), 5 means read and execute (4+1), and 0 means no permissions. Three digits represent owner, group, and others in that order.
| Octal | Binary | Symbolic | Permissions |
|---|---|---|---|
| 0 | 000 | --- | None |
| 1 | 001 | —x | Execute only |
| 2 | 010 | -w- | Write only |
| 4 | 100 | r— | Read only |
| 5 | 101 | r-x | Read + Execute |
| 6 | 110 | rw- | Read + Write |
| 7 | 111 | rwx | Read + Write + Execute |
Security Best Practices
Follow the principle of least privilege: grant only the minimum permissions necessary. Start with restrictive permissions like 600 or 644 and expand only when needed. Directories that must be served by a web server typically need 755, while served files need 644.
Never use 777 in production environments. If an application requires 777 to function, it usually indicates a configuration problem with ownership or group membership that should be fixed at that level instead.
Sensitive files like private keys, password files, and configuration files with credentials should be restricted to 600 or 400. Regularly audit file permissions on servers with find / -perm -o+w -type f to locate world-writable files that may pose security risks.
Common Permission Patterns
- Web server files: 644 for files, 755 for directories, owned by the web server user
- Home directories: 700 or 750, depending on whether group members need access
- Shared directories: 775 with a shared group, or use sticky bit (1775) to prevent deletion by non-owners
- Cron jobs: 644 for crontab files, 755 for scripts they execute
- Log files: 640 or 644, owned by the service that writes them
Related Tools
- Cron Expression Builder - Build and validate cron schedule expressions
- DNS Lookup - Query DNS records for any domain
Frequently Asked Questions
What does chmod 755 mean?
chmod 755 sets the file permission so the owner can read, write, and execute (7 = 4+2+1), while the group and others can read and execute but not write (5 = 4+1). This is the standard permission for directories and executable scripts on Unix systems. The owner has full control, and everyone else can access and run the file without modifying it.
What is the difference between 644 and 755?
644 (rw-r--r--) allows the owner to read and write, while group and others can only read. 755 (rwxr-xr-x) adds execute permission to all three roles. Use 644 for regular files like configuration files or documents. Use 755 for directories, shell scripts, and any file that needs to be executed or traversed.
Why should I avoid chmod 777?
chmod 777 gives read, write, and execute permission to everyone on the system, including other users and processes. This is a security risk because any user or compromised process can modify or delete the file. In most cases, 755 for directories and 644 for files provide sufficient access. Only use 777 temporarily for debugging and always revert to restrictive permissions afterward.
How do I read symbolic permissions like rwxr-xr-x?
Symbolic permissions are read in three groups of three characters. The first group (rwx) is the owner, the second (r-x) is the group, and the third (r-x) is others. Each position represents read (r), write (w), and execute (x). A dash (-) means that permission is denied. So rwxr-xr-x means the owner can do everything, while group and others can read and execute but not write.
What permissions should I use for SSH keys?
SSH private keys must be set to 600 (rw-------) or 400 (r--------). OpenSSH will refuse to use a private key if other users have any access. The .ssh directory itself should be 700 (rwx------). Public keys can be 644 (rw-r--r--). The authorized_keys file should be 600. These strict permissions prevent other users from reading your private credentials.