DEV Community

jiebang-tools
jiebang-tools

Posted on

Linux Chmod Permissions: A Complete Guide with Visual Examples

Linux Chmod Permissions: A Complete Guide with Visual Examples

Linux file permissions are essential knowledge for every developer, but what do 777, 755, and 644 actually mean? How do you read rwxr-xr-x? This guide explains everything from basics to advanced tricks.

The Three-Tier Permission Structure

Every Linux file has three permission groups for three types of users:

Role Symbol Meaning
Owner u (user) The file creator
Group g (group) Members of the same user group
Others o (others) Everyone else

Each permission group has three operations:

Operation Symbol Number
Read r 4
Write w 2
Execute x 1

How to Calculate Numeric Permissions

Add up the numbers for each group, then combine all three groups.

Example: What does 755 mean?

  • Owner: 7 = 4(r) + 2(w) + 1(x) = Read, write, execute ✓
  • Group: 5 = 4(r) + 0(w) + 1(x) = Read and execute ✓
  • Others: 5 = 4(r) + 0(w) + 1(x) = Read and execute ✓

Example: What does 644 mean?

  • Owner: 6 = 4(r) + 2(w) + 0(x) = Read and write ✓
  • Group: 4 = 4(r) + 0(w) + 0(x) = Read only ✓
  • Others: 4 = 4(r) + 0(w) + 0(x) = Read only ✓

Common Permission Reference Table

Numeric Symbolic Typical Use Case
777 rwxrwxrwx Temp directories (not recommended for production)
755 rwxr-xr-x Executable files, website directories
644 rw-r--r-- Regular files, config files
700 rwx------ Private scripts, SSH directories
600 rw------- SSH private keys, sensitive configs
444 r--r--r-- Read-only files
000 --------- No permissions at all

Understanding Symbolic Permissions

Symbolic permissions use 9 characters, grouped in threes:

rwx r-x r-x
├──┤ ├──┤ ├──┤
 Owner Group Others
Enter fullscreen mode Exit fullscreen mode

Symbolic Syntax with chmod

# Add execute permission for owner
chmod u+x script.sh

# Remove write permission for group and others
chmod go-w config.yml

# Set all permissions at once
chmod u=rwx,g=rx,o=rx script.sh
Enter fullscreen mode Exit fullscreen mode

Special Permissions

Beyond rwx, there are three special permission bits:

Special Numeric Symbolic Purpose
SUID 4 u+s Execute as file owner
SGID 2 g+s Execute as file group
Sticky 1 o+t Only owner can delete files

Example: What is 4755?

  • 4 = SUID bit set
  • 755 = Owner has rwx, group and others have rx

Common in /usr/bin/passwd - lets regular users run it as root to change passwords.

Practical Tips

Quick Security Check

# Find files with overly permissive permissions
find /var/www -perm 777 -type f

# Find SUID files (potential security risk)
find / -perm -4000 -type f
Enter fullscreen mode Exit fullscreen mode

Standard Web Directory Permissions

# Directories: 755
find /var/www -type d -exec chmod 755 {} \;

# Files: 644
find /var/www -type f -exec chmod 644 {} \;
Enter fullscreen mode Exit fullscreen mode

Don't Want to Calculate Manually? Use an Online Tool

Converting between numeric and symbolic permissions is error-prone, especially with special bits. I use an online Chmod calculator - just check the boxes and it auto-generates the command:

👉 Chmod Permission Calculator - Jiebang Tools

Check permissions → Auto-generate chmod 755 file command → Copy and use directly.

Summary

What You Want Command
Make script executable chmod +x script.sh
Protect config file chmod 600 config.yml
Set web directory chmod 755 /var/www
Set SUID bit chmod 4755 /usr/bin/cmd
Batch set directories find . -type d -exec chmod 755 {} \;

Remember: Use minimum permissions necessary, never use 777 by default. Security first!

Top comments (0)