How do I check current file permissions in Linux?

Use the command 'ls -la' to list files with their permissions. The output shows permissions like -rwxr-xr-x, where the first character is the file type (- for file, d for directory), followed by three groups of rwx for owner, group, and others.

May 8, 2026·10 min read·Unix & Linux

Chmod Permissions Explained: The Complete Linux Guide

Q: What does chmod 755 mean?

chmod 755 means: Owner has full permissions (read + write + execute = 7), Group has read + execute (5), Others have read + execute (5). In symbolic notation: rwxr-xr-x. This is the standard permission for executable scripts and directories.

Q: What is the difference between chmod 644 and 755?

644 (rw-r--r--) gives the owner read/write but no execute, and everyone else read-only. 755 (rwxr-xr-x) adds execute permission for everyone. Use 644 for regular files (HTML, CSS, images) and 755 for scripts, programs, and directories.

Master Unix file permissions. Learn what 755, 644, and 777 mean, symbolic notation, and security best practices with an interactive calculator.

755

Try our interactive Chmod Calculator

Toggle permissions visually and see numeric + symbolic notation in real time.

Open Calculator

What Is chmod?

chmod (change mode) is a Unix and Linux command that controls who can read, write, and execute files and directories. Every file on a Linux system has three sets of permissions for three types of users:

Owner

The user who created the file

Group

Users in the file's group

Others

Everyone else on the system

Each user type can have three permission types: read (r) to view file contents, write (w) to modify or delete, and execute (x) to run as a program or enter a directory. Understanding chmod is essential for every Linux system administrator, DevOps engineer, and web developer. Use our interactive Chmod Calculator to visualize permissions as you learn.

Understanding the Permission Number System

The chmod number system assigns a value to each permission type. These values are added together to create a single digit for each user role:

Permission	Symbol	Value	Meaning
Read	r	4	View file contents or list directory
Write	w	2	Modify, delete, or rename
Execute	x	1	Run as program or enter directory
None	-	0	No permission

Add the values together to get each digit: read (4) + write (2) + execute (1) = 7. Three digits represent owner, group, and others — so 755 means owner=7 (rwx), group=5 (r-x), others=5 (r-x). This math is much easier with our Chmod Calculator — just toggle checkboxes and see the result.

The octal number system (base 8) is used because 3 permission bits map perfectly to one octal digit. If you want to understand how octal relates to binary and decimal, see our Number Base Converter or the octal to decimal conversion page.

Common Permission Values Explained

755rwxr-xr-x

Executable scripts, directories, web app folders

Owner: full control. Group & Others: can read and execute but not modify. The default for most scripts and directories.

644rw-r--r--

Regular files (HTML, CSS, images, configs)

Owner: read & write. Group & Others: read only. The standard for non-executable files on web servers.

600rw-------

Private files (SSH keys, .env, credentials)

Owner only. No one else can read, write, or execute. Required for SSH private keys (~/.ssh/id_rsa).

700rwx------

Private directories, user home folders

Owner has full access. No one else can even list the directory contents.

777rwxrwxrwxUNSAFE

NEVER use in production!

Everyone has full access. Any user can read, modify, delete, and execute. A critical security vulnerability.

444r--r--r--

Read-only files for everyone

Nobody can modify the file, including the owner (without changing permissions first).

Symbolic vs Numeric Notation

There are two ways to use the chmod command. Numeric mode sets all permissions at once with three digits. Symbolic mode uses letters and operators to add or remove specific permissions:

# Numeric mode — set all permissions at once
chmod 755 script.sh          # rwxr-xr-x
chmod 644 index.html         # rw-r--r--
chmod 600 .env               # rw-------

# Symbolic mode — add/remove specific permissions
chmod +x script.sh           # Add execute for everyone
chmod u+x script.sh          # Add execute for owner only
chmod g-w file.txt           # Remove write from group
chmod o-rwx private.key      # Remove all permissions from others
chmod u=rwx,g=rx,o=rx dir/   # Set exact permissions (same as 755)

# Recursive — apply to directory and all contents
chmod -R 755 ./public/       # Set 755 for entire directory tree

When to use which: Numeric mode is faster when you know the exact permissions. Symbolic mode is safer for making small changes (like adding execute) without affecting other permissions. Our Chmod Calculator shows both formats simultaneously.

chmod Examples for Common Scenarios

# Web server files
chmod 644 *.html *.css *.js    # Static files: owner read/write, everyone read
chmod 755 /var/www/html/       # Web root directory

# Scripts and programs
chmod 755 deploy.sh            # Deployment script
chmod 755 /usr/local/bin/app   # Installed binary

# Security-sensitive files
chmod 600 ~/.ssh/id_rsa        # SSH private key (REQUIRED by SSH)
chmod 600 .env                 # Environment variables with secrets
chmod 600 /etc/shadow          # Password hashes

# Shared project directory
chmod 775 /project/shared/     # Owner + group: full access
chmod 664 /project/shared/*    # Files: owner + group read/write

# Docker volumes
chmod -R 755 ./docker-data/    # Container needs read/execute access

# CI/CD pipeline
chmod +x ./scripts/*.sh        # Make all shell scripts executable

For automated permission changes on a schedule, combine chmod with our Cron Expression Generator to create scheduled tasks. Verify file integrity after permission changes using our Hash Generator to compute checksums.

Security Best Practices

Never use chmod 777 in production

It gives everyone full access to read, modify, delete, and execute files. Attackers who gain any level of system access can immediately exploit 777 permissions to upload and execute malicious code.

🔒

Use 600 for credentials and secrets

SSH keys, .env files, database passwords, API tokens — all should be 600 (owner read/write only). SSH will refuse to use a private key with permissions looser than 600.

📁

Directories need execute permission

Execute on a directory means 'can enter'. Without it, users can't cd into the directory or access files inside, even if the files themselves have read permission.

👥

Use groups for shared access

Instead of opening permissions to 'others', create a group, add users to it, and set group permissions. This follows the principle of least privilege.

🔍

Audit permissions regularly

Run 'find / -perm -777' to find all 777 files on your system. Run 'find / -perm -4000' to find SUID files. Review both lists for security issues.

Protect your credentials with strong passwords generated by our Password Generator — use 20+ characters with all character types for maximum security.

Special Permissions (SUID, SGID, Sticky Bit)

Beyond the basic rwx permissions, Linux has three special permission bits that modify execution behavior:

Permission	Numeric	Symbol	What It Does
SUID	4xxx	s (in owner x)	Executes as file owner, not the user running it. Example: `/usr/bin/passwd` runs as root.
SGID	2xxx	s (in group x)	Executes with file's group. On directories, new files inherit the group.
Sticky Bit	1xxx	t (in others x)	On directories, only file owners can delete their own files. Used on `/tmp`.

# Set SUID (runs as owner)
chmod 4755 /usr/local/bin/app    # 4 = SUID + 755

# Set SGID on directory (new files inherit group)
chmod 2775 /project/shared/      # 2 = SGID + 775

# Set Sticky Bit (only owners can delete)
chmod 1777 /tmp/                 # 1 = Sticky + 777

Security warning: SUID binaries are a common attack vector. Only set SUID on programs that absolutely need it. Audit SUID files with find / -perm -4000 -ls.

Frequently Asked Questions

What does chmod 755 mean?

Owner has full permissions (read + write + execute = 7), Group has read + execute (5), Others have read + execute (5). Symbolic: rwxr-xr-x. This is the standard permission for executable scripts and directories.

What is the difference between chmod 644 and 755?

644 (rw-r--r--) gives the owner read/write but no execute. 755 (rwxr-xr-x) adds execute for everyone. Use 644 for regular files (HTML, CSS) and 755 for scripts and directories.

Why should I never use chmod 777?

chmod 777 gives everyone full read, write, and execute access. Any user can modify or delete your files. On web servers, attackers could upload and execute malicious scripts. Always use the minimum permissions needed.

How do I check file permissions in Linux?

Use 'ls -la' to list files with permissions. The output shows -rwxr-xr-x format where the first character is file type, then three groups of rwx for owner, group, others.

Calculate Permissions Instantly

Toggle read, write, execute for owner, group, others. See numeric and symbolic notation in real time with common permission presets.

Open Chmod Calculator

Related Tools & Articles

Chmod Calculator

Interactive permission calculator

Cron Expression Generator

Schedule automated tasks

Hash Generator

Verify file integrity with checksums

Octal to Decimal Converter

Understand octal number system