Published: May 26, 2026
Every file and directory on a Unix or Linux system has a set of permissions that control who can read, write, and execute it. These permissions are the foundation of system security. The chmod command (short for change mode) is how you modify them.
If you've ever run chmod 755 script.sh or seen chmod +x in setup instructions, you've used permission management. But understanding what those numbers and symbols actually mean is essential for every developer who works with Linux servers, Docker containers, CI/CD pipelines, or macOS terminals.
Unix permissions are divided into three groups (triads), each applying to a different category of user:
Each triad contains three permission bits:
cd into it)$ ls -l script.sh
-rwxr-xr-- 1 alice devops 1024 May 26 10:00 script.shReading from left to right: - means it's a regular file. Then rwx (owner: read, write, execute), r-x (group: read, execute), r-- (others: read only).
Each permission bit has a numeric value: r=4, w=2, x=1. Sum them for each triad to get a single digit 0–7. This gives us the three-digit octal mode.
rwx = 4+2+1 = 7
rw- = 4+2+0 = 6
r-x = 4+0+1 = 5
r-- = 4+0+0 = 4
--- = 0+0+0 = 0So chmod 755 file means: owner gets rwx (7), group gets r-x (5), others get r-x (5).
# Numeric mode examples
chmod 755 script.sh # rwxr-xr-x — standard for executable scripts
chmod 644 config.yml # rw-r--r-- — standard for regular files
chmod 700 private.key # rwx------ — only owner can access
chmod 600 .env # rw------- — only owner can read/write secretsSymbolic mode lets you modify permissions using letters and operators. The syntax is: who (u/g/o/a) operator (+/-/=) permission (r/w/x).
# Symbolic mode examples
chmod u+x script.sh # add execute for the owner
chmod g-w file.txt # remove write for the group
chmod o+r file.txt # add read for others
chmod a+x script.sh # add execute for everyone (all)
chmod u=rw,g=r,o= file # set exact permissionsThe = operator sets the permissions exactly, clearing any bits not specified. o= with nothing after it clears all permissions for others.
Here are the most frequently used permission sets in real-world development:
| Mode | Symbolic | Use Case |
|---|---|---|
| 644 | rw-r--r-- | Regular files (HTML, CSS, configs) |
| 755 | rwxr-xr-x | Executables, directories |
| 600 | rw------- | SSH keys, secrets, .env files |
| 700 | rwx------ | Private scripts, .ssh directory |
| 777 | rwxrwxrwx | ⚠️ Avoid — completely open |
Beyond the basic rwx bits, Unix has three special permission flags:
/usr/bin/passwd (chmod 4755)./tmp, prevents users from deleting files they don't own. Appears as t in ls -l output.chmod 4755 /usr/bin/myapp # SUID: run as owner
chmod 2770 /shared/project # SGID: shared group directory
chmod 1777 /tmp # Sticky: anyone can write, only owner deletescd) a directory.find /path -perm /6000 to spot SUID/SGID files.Converting between symbolic and numeric permissions can be tedious. Our free chmod calculator lets you toggle checkboxes for owner, group, and others — and instantly see the numeric mode, symbolic representation, and the exact chmod command.
Whether you're setting up a new server or debugging a permission error, the chmod calculator is the fastest way to get the right permissions. It also handles SUID, SGID, and sticky bit modes. Completely free, no signup needed.
Understanding Unix file permissions is a fundamental skill for any developer or system administrator. The rwx triad system, numeric and symbolic notation, and special bits like SUID and sticky bit are concepts you'll encounter daily on any Linux or macOS system. Bookmark our free chmod calculator for quick reference, and always follow the principle of least privilege: give files and directories only the permissions they actually need.