Chmod Calculator

Calculate and convert between symbolic and numeric Unix file permissions using the chmod command syntax.

Calculate Your Chmod Calculator

What is chmod?

The chmod command (change mode) is a Unix/Linux command used to change the access permissions of files and directories. It controls who can read, write, or execute a file, providing a fundamental level of security in Unix-based operating systems. Understanding chmod permissions is essential for system administrators, developers, and anyone working with Linux or Unix systems.

Permission Types

Unix file permissions are based on three types of access for three categories of users:

Permission Types

  • Read (r): View file contents or list directory contents
  • Write (w): Modify file contents or add/remove files in a directory
  • Execute (x): Run the file as a program or enter a directory

User Categories

  • Owner (u): The user who owns the file
  • Group (g): Users who are members of the file's group
  • Others (o): All other users on the system

Numeric (Octal) Notation

Chmod permissions can be represented using numeric (octal) notation, where each permission type is assigned a value:

Read (r)

4

Write (w)

2

Execute (x)

1

The permission value for each user category is the sum of the values for the granted permissions:

chmodxyzchmod xyz

where x = owner permissions, y = group permissions, z = other permissions

chmod 755

Owner: 7 (4+2+1) = rwx

Group: 5 (4+0+1) = r-x

Others: 5 (4+0+1) = r-x

chmod 644

Owner: 6 (4+2+0) = rw-

Group: 4 (4+0+0) = r--

Others: 4 (4+0+0) = r--

chmod 600

Owner: 6 (4+2+0) = rw-

Group: 0 (0+0+0) = ---

Others: 0 (0+0+0) = ---

Symbolic Notation

Symbolic notation uses letters and symbols to represent users and permissions:

User Symbols:

  • u = owner
  • g = group
  • o = others
  • a = all (equivalent to ugo)

Operation Symbols:

  • + = add permission
  • - = remove permission
  • = = set exact permission

Examples of symbolic notation:

chmod u+x fileAdd execute permission for the owner
chmod go-w fileRemove write permission from group and others
chmod a=r fileSet read-only permission for all users
chmod u=rwx,g=rx,o=r fileSet specific permissions for each user category

Common Permission Scenarios

Regular Files

644 (rw-r--r--): Owner can read and write, group and others can only read

Good for configuration files and documents that should be viewable but not editable by others.

Private Files

600 (rw-------): Owner can read and write, no access for anyone else

Ideal for sensitive files like SSH private keys, API credentials, and personal data.

Directories

755 (rwxr-xr-x): Owner can read, write, and access; group and others can read and access

Common for directories where content should be visible but not modifiable by others.

Executable Scripts

755 (rwxr-xr-x): Owner can read, write, and execute; group and others can read and execute

Appropriate for shell scripts and programs that need to be executed by multiple users.

Security Best Practices

Principle of Least Privilege: Give users only the permissions they need to perform their tasks, and no more.

Avoid 777 Permissions: Setting chmod 777 (full access for everyone) is rarely necessary and creates significant security risks.

Secure Sensitive Files: Use 600 or 400 for sensitive files like private keys or credentials.

Use Group Permissions: Create appropriate user groups and assign permissions accordingly rather than giving broad "others" permissions.

See Also

Frequently Asked Questions

Chmod (change mode) is a Unix command used to change the access permissions of files and directories. It controls who can read, write, or execute a file. This command is essential for managing security on Unix-like operating systems such as Linux, macOS, and FreeBSD.

Numeric permissions in chmod use a 3-digit octal number system. Each digit represents permissions for different user types: owner, group, and others. For each user type, the digit is calculated by adding: 4 (read), 2 (write), and 1 (execute). For example, 755 gives read/write/execute (7) to the owner and read/execute (5) to group and others.

Symbolic mode uses letters and symbols to specify permissions: User categories: u (owner), g (group), o (others), a (all); Operations: + (add), - (remove), = (set exactly); Permissions: r (read), w (write), x (execute). Numeric mode uses octal numbers as described above. Symbolic is more readable but numeric is more concise. For example, 'chmod u+rwx,go+rx file' and 'chmod 755 file' do the same thing.

Beyond the basic read/write/execute permissions, chmod supports special permissions: setuid (4000): When set on an executable file, the program runs as the file owner, not as the user who launched it; setgid (2000): When set on an executable, the program runs with the privileges of the file's group; sticky bit (1000): When set on a directory, only the file owner can delete or rename files within it. These are represented by a fourth digit preceding the standard three digits, like 4755 or 2755.

Recursive permissions allow you to apply permission changes to a directory and all files and subdirectories it contains. In command line, this is done with the -R flag (chmod -R 755 directory/). Be careful when using recursive permissions as they can affect many files at once and potentially cause security issues if applied incorrectly.

Share This Calculator

Found this calculator helpful? Share it with your friends and colleagues!