Linux Chmod Permissions: A Complete Guide with Visual Examples
Linux file permissions are essential knowledge for every developer, but what do 777, 755, and 644 actually mean? How do you read rwxr-xr-x? This guide explains everything from basics to advanced tricks.
The Three-Tier Permission Structure
Every Linux file has three permission groups for three types of users:
| Role | Symbol | Meaning |
|---|---|---|
| Owner | u (user) | The file creator |
| Group | g (group) | Members of the same user group |
| Others | o (others) | Everyone else |
Each permission group has three operations:
| Operation | Symbol | Number |
|---|---|---|
| Read | r | 4 |
| Write | w | 2 |
| Execute | x | 1 |
How to Calculate Numeric Permissions
Add up the numbers for each group, then combine all three groups.
Example: What does 755 mean?
- Owner: 7 = 4(r) + 2(w) + 1(x) = Read, write, execute ✓
- Group: 5 = 4(r) + 0(w) + 1(x) = Read and execute ✓
- Others: 5 = 4(r) + 0(w) + 1(x) = Read and execute ✓
Example: What does 644 mean?
- Owner: 6 = 4(r) + 2(w) + 0(x) = Read and write ✓
- Group: 4 = 4(r) + 0(w) + 0(x) = Read only ✓
- Others: 4 = 4(r) + 0(w) + 0(x) = Read only ✓
Common Permission Reference Table
| Numeric | Symbolic | Typical Use Case |
|---|---|---|
| 777 | rwxrwxrwx | Temp directories (not recommended for production) |
| 755 | rwxr-xr-x | Executable files, website directories |
| 644 | rw-r--r-- | Regular files, config files |
| 700 | rwx------ | Private scripts, SSH directories |
| 600 | rw------- | SSH private keys, sensitive configs |
| 444 | r--r--r-- | Read-only files |
| 000 | --------- | No permissions at all |
Understanding Symbolic Permissions
Symbolic permissions use 9 characters, grouped in threes:
rwx r-x r-x
├──┤ ├──┤ ├──┤
Owner Group Others
Symbolic Syntax with chmod
# Add execute permission for owner
chmod u+x script.sh
# Remove write permission for group and others
chmod go-w config.yml
# Set all permissions at once
chmod u=rwx,g=rx,o=rx script.sh
Special Permissions
Beyond rwx, there are three special permission bits:
| Special | Numeric | Symbolic | Purpose |
|---|---|---|---|
| SUID | 4 | u+s | Execute as file owner |
| SGID | 2 | g+s | Execute as file group |
| Sticky | 1 | o+t | Only owner can delete files |
Example: What is 4755?
- 4 = SUID bit set
- 755 = Owner has rwx, group and others have rx
Common in /usr/bin/passwd - lets regular users run it as root to change passwords.
Practical Tips
Quick Security Check
# Find files with overly permissive permissions
find /var/www -perm 777 -type f
# Find SUID files (potential security risk)
find / -perm -4000 -type f
Standard Web Directory Permissions
# Directories: 755
find /var/www -type d -exec chmod 755 {} \;
# Files: 644
find /var/www -type f -exec chmod 644 {} \;
Don't Want to Calculate Manually? Use an Online Tool
Converting between numeric and symbolic permissions is error-prone, especially with special bits. I use an online Chmod calculator - just check the boxes and it auto-generates the command:
👉 Chmod Permission Calculator - Jiebang Tools
Check permissions → Auto-generate chmod 755 file command → Copy and use directly.
Summary
| What You Want | Command |
|---|---|
| Make script executable | chmod +x script.sh |
| Protect config file | chmod 600 config.yml |
| Set web directory | chmod 755 /var/www |
| Set SUID bit | chmod 4755 /usr/bin/cmd |
| Batch set directories | find . -type d -exec chmod 755 {} \; |
Remember: Use minimum permissions necessary, never use 777 by default. Security first!
Top comments (0)