Every developer hits that moment: you deploy to a server, and suddenly nothing works because of permission errors. You Google "chmod 777" and paste it in. It fixes the problem — and creates ten new ones.
Let's break down Unix file permissions so you actually understand what you're doing.
The Permission Model
Every file and directory in Unix has three permission groups:
- Owner (u) — the user who owns the file
- Group (g) — users in the file's group
- Others (o) — everyone else
Each group gets three permission types:
- Read (r) — view file contents or list directory
- Write (w) — modify file or create/delete files in directory
- Execute (x) — run file as program or access directory
Reading ls -l Output
When you run ls -l, you see something like:
-rwxr-xr-- 1 deploy www-data 4096 Mar 9 config.yml
That first column breaks down as:
- rwx r-x r--
│ │ │ │
│ │ │ └── Others: read only
│ │ └─────── Group: read + execute
│ └──────────── Owner: read + write + execute
└─────────────── File type (- = file, d = directory)
The Octal System
Each permission has a numeric value:
- Read = 4
- Write = 2
- Execute = 1
Add them up for each group. So rwxr-xr-- becomes:
- Owner: 4+2+1 = 7
- Group: 4+0+1 = 5
- Others: 4+0+0 = 4
Result: 754
Instead of memorizing the math, use a chmod calculator — check the boxes for the permissions you want, and it gives you the numeric code instantly. It also works in reverse: enter a number and see what permissions it represents.
Common Permission Patterns
| Octal | Symbolic | Use Case |
|---|---|---|
| 755 | rwxr-xr-x | Executables, public directories |
| 644 | rw-r--r-- | Config files, HTML/CSS/JS |
| 700 | rwx------ | Private scripts, SSH directory |
| 600 | rw------- | SSH keys, secrets |
| 775 | rwxrwxr-x | Shared group directories |
| 666 | rw-rw-rw- | Temp files (avoid in production) |
| 777 | rwxrwxrwx | Never use this in production |
Why chmod 777 Is Dangerous
chmod 777 means "anyone can read, write, and execute this file." On a web server, that means:
- Any process can modify your config files
- Uploaded scripts can be executed
- Other users on shared hosting can access your data
Instead, figure out the minimum permissions needed. A web server serving static files usually needs 644 for files and 755 for directories.
The chmod Command
# Numeric (octal) mode
chmod 755 script.sh
# Symbolic mode — more readable
chmod u+x script.sh # Add execute for owner
chmod g-w config.yml # Remove write for group
chmod o= secrets.env # Remove all permissions for others
chmod a+r public.html # Add read for all (a = all)
# Recursive — apply to all files in directory
chmod -R 644 /var/www/html/
Understanding Number Bases
The octal permission system uses base-8 numbers. If you've ever been confused about why permissions use 0-7 instead of 0-9, it's because three binary bits (representing r, w, x) map perfectly to one octal digit:
Binary Octal Permissions
000 0 ---
001 1 --x
010 2 -w-
011 3 -wx
100 4 r--
101 5 r-x
110 6 rw-
111 7 rwx
A number base converter helps you visualize these conversions between binary, octal, decimal, and hex — useful for understanding not just permissions but also networking, memory addresses, and color codes.
Special Permissions
Beyond the basic rwx, there are three special bits:
Setuid (4xxx) — File executes as the file owner, not the user running it.
chmod 4755 /usr/bin/passwd # Runs as root even when called by a regular user
Setgid (2xxx) — File executes as the group owner. On directories, new files inherit the directory's group.
chmod 2775 /shared/project/ # New files get the project group
Sticky bit (1xxx) — On directories, only the file owner can delete their files.
chmod 1777 /tmp/ # Everyone can write, but only delete their own files
Quick Debugging Checklist
When you hit permission errors:
-
Check current permissions:
ls -la filename -
Check file ownership:
ls -la filename(columns 3 and 4) -
Check your user/groups:
idorwhoamiandgroups - Check parent directories: You need execute permission on every directory in the path
- Use the calculator: Don't guess — use a chmod calculator to set exact permissions
Wrapping Up
File permissions aren't complicated once you understand the three groups and three types. The key is to always use the minimum permissions needed rather than reaching for 777.
Bookmark a chmod calculator for quick reference, and check out DevToolBox for more free browser-based developer tools including a number base converter and 48 other utilities.
Top comments (0)