Chmod Calculator

Unix File Permissions Made Visual

Every file and directory on Unix, Linux, and macOS systems has three permission sets: one for the file's owner, one for the owner's group, and one for all other users. Each set independently controls read (r), write (w), and execute (x) access. These nine permission bits are represented in two interchangeable notations: symbolic (like rwxr-xr-x, displayed by ls -l) and numeric (like 755, used with the chmod command). Click the permission checkboxes above or enter a numeric value to convert between the two notations and see exactly who can do what with the file, with explanations of the practical implications for common scenarios.

What the Numbers Mean

Each permission has a numeric weight: read = 4, write = 2, execute = 1. A permission set's numeric value is the sum of its active permissions: rwx = 4+2+1 = 7 (full access), r-x = 4+0+1 = 5 (read and execute, no write), r-- = 4+0+0 = 4 (read only), --- = 0+0+0 = 0 (no access). The three-digit number represents owner-group-others in that order: 755 means the owner has rwx (7, full access), the group has r-x (5, read and execute), and others have r-x (5, read and execute). Common permission values and their typical uses: 644 for regular files (owner reads and writes, everyone else reads only - standard for web content files, configuration files, and documents). 755 for executables, scripts, and directories (owner has full access, everyone else can read and execute). 600 for sensitive files (owner reads and writes, no one else can access - used for private keys, passwords, and personal configuration files). 700 for private directories (owner has full access, no one else can even list contents). 777 grants full access to everyone and should virtually never be used on a production system because any user or process on the machine can read, modify, and execute the file.

Directories Behave Differently

For regular files, read means you can view the contents, write means you can modify the contents, and execute means you can run the file as a program or script. For directories, the permissions have different meanings that are frequently misunderstood. Read (r) allows listing the directory's contents (seeing filenames via ls). Write (w) allows creating, deleting, and renaming files inside the directory. Execute (x) allows entering the directory (cd into it) and accessing files within it by name. These permissions combine in sometimes counterintuitive ways: a directory with r-- (read only) lets you see filenames but not access any files inside. A directory with --x (execute only) lets you access files if you already know their names but not list what files exist. A directory with -wx lets you create and delete files but not list existing ones (used for temporary upload directories). A web server's document root typically needs 755 so the web server process (running as a different user) can traverse directories and read files to serve them.

Special Permission Bits: SUID, SGID, and Sticky Bit

Beyond the nine basic permission bits, Unix supports three special bits. The Set User ID (SUID) bit, represented as an s in the owner's execute position (rws------) or as 4xxx in numeric notation, causes a program to run with the file owner's privileges regardless of who executes it. The passwd command has SUID set so any user can run it but it executes with root privileges to modify the password database. The Set Group ID (SGID) bit (rwxr-s---) on a directory causes new files created inside to inherit the directory's group rather than the creating user's primary group, useful for shared project directories. The Sticky bit (rwxrwxrwt, numeric 1xxx) on a directory prevents users from deleting or renaming files they do not own, even if they have write permission on the directory. The /tmp directory has the sticky bit set (typically 1777) so all users can create temporary files but cannot delete each other's files. SUID programs are potential security risks because a vulnerability in a SUID-root program gives the attacker root access.

Frequently asked questions