Permission Grid
| Read (4) | Write (2) | Execute (1) | Octal | |
|---|---|---|---|---|
| Owner | 7 | |||
| Group | 5 | |||
| Others | 5 |
Common Presets
Result
Permission Summary
Common chmod values — quick reference
| Octal | Symbolic | Owner | Group | Others | Typical use |
|---|---|---|---|---|---|
| 755 | rwxr-xr-x | rwx | r-x | r-x | Directories, executables, web server files |
| 644 | rw-r--r-- | rw- | r-- | r-- | Regular files (default) |
| 600 | rw------- | rw- | --- | --- | SSH private keys, sensitive configs, .env files |
| 400 | r-------- | r-- | --- | --- | Strictly read-only secrets (AWS credentials) |
| 700 | rwx------ | rwx | --- | --- | Private scripts, ~/.ssh directory |
| 777 | rwxrwxrwx | rwx | rwx | rwx | Avoid in production — debug only |
| 664 | rw-rw-r-- | rw- | rw- | r-- | Shared group-writable files |
| 775 | rwxrwxr-x | rwx | rwx | r-x | Shared group-writable directories |
chmod recursive — applying permissions to a directory tree
The -R flag applies chmod to a directory and everything inside it:
chmod -R 755 /var/www/htmlBut there's a gotcha: the same octal for files and directories is almost never what you want. Directories need execute (x) to allow cd into them; files don't. Running chmod -R 644 . on a project makes every directory unreadable.
The correct idiom for "files 644, directories 755":
# Set directories to 755
find . -type d -exec chmod 755 {} +
# Set files to 644
find . -type f -exec chmod 644 {} +Or with a single chmod using X (capital) — which means "x only if target is a directory or already executable":
chmod -R u=rwX,go=rX .Capital X is the single least-known chmod trick and usually what you actually want when recursing.
chmod +x — making a script executable
chmod +x script.sh adds the execute bit for everyone (equivalent to chmod a+x). Common uses:
# Make shell / Python / Node scripts runnable
chmod +x deploy.sh
./deploy.sh # now executable
# Only owner can execute (more secure for personal scripts)
chmod u+x secret.sh
# Remove execute for group + others (for scripts with secrets)
chmod go-x secret.shThe scripts still need a valid shebang on the first line (#!/bin/bash, #!/usr/bin/env python3, etc.). A missing shebang with +x set just produces "command not found" when you run it.
setuid, setgid, sticky bit — the 4th octal digit
Normal chmod has 3 octal digits (owner, group, others). A 4th digit adds special bits:
chmod 4755 /usr/bin/passwd— setuid bit. When run, the program runs with the owner's permissions instead of the user's./usr/bin/passwdis setuid root so regular users can update/etc/shadow.chmod 2775 /shared/project— setgid bit on a directory. New files created inside inherit the directory's group (instead of the user's primary group). Essential for multi-user shared project directories.chmod 1777 /tmp— sticky bit. Any user can create files, but only the file owner (or root) can delete them./tmpuses this so one user can'trmanother's temp files.
Setuid + setgid are security-sensitive — audit with find / -perm -4000 -type f periodically to catch unexpected setuid binaries.
Frequently Asked Questions
How do I calculate chmod permissions online?
Click checkboxes for read / write / execute for owner, group and other. The tool shows both the symbolic form (`rwxr-xr--`) and the octal form (`754`) so you can `chmod 754 file` or `chmod u=rwx,g=rx,o=r file`. No guessing, no recomputing.
What does chmod 755 or 777 mean?
`chmod 755` = owner read/write/execute, group + others read/execute. Standard for executables and directories. `chmod 777` = everyone can read, write and execute — almost never correct in production (security risk). `644` is the default for data files.
How do I chmod a directory vs a file?
Files and directories use the same octal numbers, but execute on a directory means "can list contents" (not run as program). Typical: files `644`, directories `755`. Use `-R` for recursive `chmod -R 644 .` (and `find . -type d -exec chmod 755 {} +` to fix dir permissions).
What's the difference between symbolic chmod and octal chmod?
Symbolic is relative: `chmod u+x` adds execute for owner, leaves others alone. Octal is absolute: `chmod 755` sets exactly those permissions, overwriting. Symbolic is safer for incremental changes; octal is faster for known states.
What is the setuid, setgid and sticky bit in chmod?
The 4th octal digit: setuid (`4xxx`) runs a program as its owner (used by `passwd`), setgid (`2xxx`) enforces group inheritance on new files in a directory, sticky bit (`1xxx`) stops users deleting others' files in shared dirs like `/tmp`. Our calculator exposes all three.
Smarter quality checks. Faster deployments.
Better apps.
