Chmod Calculator
Calculate Unix/Linux file permissions. Toggle checkboxes to build your chmod value instantly.
No data sent to serverRelated Tools
What is chmod?
chmod ("change mode") is a Unix command (POSIX standard, originally Bell Labs Unix) that sets file and directory permissions. Unix permissions control three actions — read, write, execute — for three classes of user: owner, group, and others (everyone else).
The 9 permission bits
Every file has 9 permission bits arranged as 3 sets of (r, w, x):
-rwxr-xr-x ↑↑↑↑↑↑↑↑↑ │└─┘└─┘└─┘ │ │ │ └─ others (4=r, 2=w, 1=x) │ │ └──── group (4=r, 2=w, 1=x) │ └─────── owner (4=r, 2=w, 1=x) └───────── file type (- regular, d directory, l symlink)
Numeric vs symbolic notation
Two equivalent ways to express the same permissions:
- Numeric (octal): Each user class becomes one digit (4 + 2 + 1).
chmod 755 file - Symbolic: Class + operator + permissions.
chmod u=rwx,g=rx,o=rx file - Symbolic relative:
chmod +x file(add execute for everyone),chmod g-w file(remove group write)
Special bits: setuid, setgid, sticky
An optional 4th leading digit controls three special bits: setuid (4) — execute as the file's owner; setgid (2) — execute as the file's group, or new files in a directory inherit the group; sticky (1) — only the file's owner can delete it (used on /tmp). chmod 4755 /usr/bin/passwd gives passwd setuid root so any user can change their password.
How to Use This Tool
- Click checkboxes in the permission grid to toggle Read / Write / Execute for owner, group, and others. The octal and symbolic representations update live.
- Or type an octal value (e.g.,
755) in the direct input box. 4-digit values like4755apply special bits (setuid/setgid/sticky). - Use preset buttons for common configurations (755, 644, 600, etc.) — click to apply.
- Copy the generated
chmodcommand to use directly in your terminal.
Common Permission Presets
| Octal | Symbolic | Use case |
|---|---|---|
| 755 | rwxr-xr-x | Executable scripts, web dirs, system binaries |
| 644 | rw-r--r-- | Standard data files, web content |
| 700 | rwx------ | Private user dirs (~/.ssh) |
| 600 | rw------- | Private files (.ssh/id_rsa, .pgpass) |
| 444 | r--r--r-- | Read-only for everyone (configs you want to lock) |
| 400 | r-------- | Strict read-only owner (PEM keys, AWS credentials) |
| 775 | rwxrwxr-x | Group-writable executable (shared dev environments) |
| 664 | rw-rw-r-- | Group-writable data file |
| 1755 | rwxr-xr-t | Sticky bit dir (like /tmp — only owner deletes) |
| 2755 | rwxr-sr-x | Setgid dir — new files inherit group |
| 4755 | rwsr-xr-x | Setuid binary (passwd, sudo) — runs as file owner |
Quick rules: Files normally 644, executables 755. Sensitive files 600 or 400. Directories need x to be entered; that's why directories are 755, not 644.
Common Pitfalls
1. chmod 777 — almost never the answer
777 grants read/write/execute to everyone on the system. On shared servers, anyone (or any compromised process) can modify your file. The "fix" for permission errors is rarely 777 — it's identifying which user/group needs access and granting just that. Reach for chown first.
2. SSH key permission errors
SSH refuses keys with permissive permissions. ~/.ssh must be 700, private keys (id_rsa, id_ed25519) must be 600 or stricter. Symptom: "Permissions 0644 are too open" error. Fix: chmod 600 ~/.ssh/id_rsa && chmod 700 ~/.ssh.
3. Recursive chmod on the wrong tree
chmod -R 755 / destroys system permissions and requires reinstalling the OS. Always double-check the path before -R. To safely set 755 for dirs and 644 for files: find . -type d -exec chmod 755 {} + then find . -type f -exec chmod 644 {} +.
4. Directory missing execute bit
Without x on a directory, you can't cd into it or access files inside — even if files have read permission. x on a directory means "traverse" / "enter," not "execute" the directory. Directories almost always need 5 or 7 in their octal.
5. Setuid on shell scripts
Most modern Unixes ignore the setuid bit on shell scripts due to a long-standing race-condition vulnerability. Setuid only works reliably on compiled binaries. If you need a privileged script, write a tiny C wrapper or use sudo with NOPASSWD.
Frequently Asked Questions
What does 755 mean?
Owner has read, write, and execute (7 = 4+2+1); group and others have read and execute (5 = 4+1). Standard for executable scripts, system binaries, and web directories.
Should I ever use 777?
Almost never on a real server. 777 gives everyone full permissions — a security hole. The proper fix is identifying the right user/group with chown and granting minimal needed permissions.
What's the difference between chmod and chown?
chmod changes permissions on a file (who can do what). chown changes ownership (which user / group the file belongs to). You usually need both for proper access control.
What does the leading digit (4 in 4755) mean?
Special permission bits: 4 = setuid, 2 = setgid, 1 = sticky.4755 = setuid + 755. 2775 = setgid + 775 (common on shared dev directories so files inherit group). 1777 = sticky + 777 (used on /tmp).
Why does my web server need x permission?
The web server process (e.g., www-data or nginx) needs x on every parent directory to traverse into the file's location, plus r on the file itself. 755 on directories + 644 on files is the standard pattern.
What's the difference between symbolic and numeric chmod?
Numeric (chmod 755) sets all 9 bits to a known state. Symbolic (chmod u+x) modifies relative to the current state. Use numeric for absolute settings, use symbolic for incremental changes (e.g., "add execute for owner only").
⚠️ Reference Only
Output is generated based on your input and is provided for reference. Results may vary depending on your specific use case, edge cases, or environment-specific behavior. We do not guarantee accuracy of conversions, validations, or computed values.
Always verify critical outputs against official documentation or production environments. We are not responsible for any decisions or losses based on these tool results.
📖 Related Guides
Regex Lookahead and Lookbehind Explained
Master regex zero-width assertions: positive/negative lookahead and lookbehind.
Unix Timestamp vs ISO 8601 — Which to Use?
Compare Unix timestamps and ISO 8601 dates for storage, APIs, and human readability.
HTTP Status Codes — Complete Reference (1xx–5xx)
RFC 9110 with real-world API patterns. 401 vs 403, 409 vs 422, 502 vs 503 vs 504.