How to Calculate Chmod Permissions (Easy Guide)

What Is Chmod?

`chmod` stands for "change mode" and it is the Unix/Linux command used to set file and directory permissions. Every file on a Unix system has three sets of permissions that control who can read it, write to it, or execute it.

If you have ever deployed a web app, set up a server, or written a shell script, you have probably run something like:

```bash

chmod 755 deploy.sh

```

But what does 755 actually mean? Let us break it down.

The Three Permission Groups

Every file has permissions for three categories of users:

1. Owner — The user who owns the file

2. Group — Users who belong to the file's group

3. Others — Everyone else on the system

Each group gets its own set of three permissions:

| Permission | Symbol | Octal Value |

|-----------|--------|-------------|

| Read | r | 4 |

| Write | w | 2 |

| Execute | x | 1 |

| None | - | 0 |

How the Numbers Work

The chmod number is three digits, one for each group. Each digit is the sum of the permission values for that group.

Example: 755

• 7 (Owner): Read (4) + Write (2) + Execute (1) = 7 — full access
• 5 (Group): Read (4) + Execute (1) = 5 — can read and run, but not modify
• 5 (Others): Read (4) + Execute (1) = 5 — same as group

In symbolic notation, that is `rwxr-xr-x`.

Example: 644

• 6 (Owner): Read (4) + Write (2) = 6 — can read and modify
• 4 (Group): Read (4) = 4 — read only
• 4 (Others): Read (4) = 4 — read only

Symbolic: `rw-r--r--`

Common Chmod Values

Here are the permissions you will use most often:

755 — Standard for executables and directories

```bash

chmod 755 my-script.sh

chmod 755 /var/www/html

```

Owner can do everything. Everyone else can read and execute but not modify. This is the default for most directories and scripts that need to be runnable.

644 — Standard for regular files

```bash

chmod 644 index.html

chmod 644 config.json

```

Owner can read and write. Everyone else can only read. This is the go-to for web files, config files, and documents.

600 — Private files

```bash

chmod 600 ~/.ssh/id_rsa

chmod 600 .env

```

Only the owner can read and write. Nobody else has any access. Use this for SSH keys, environment files with secrets, and anything sensitive.

777 — Full access for everyone (use with caution)

```bash

chmod 777 /tmp/shared-folder

```

Everyone can read, write, and execute. This is rarely appropriate in production. If you find yourself using 777 to "fix" a permission error, there is almost always a better solution.

700 — Private executables

```bash

chmod 700 ~/bin/my-private-script.sh

```

Only the owner can read, write, and execute. No one else gets any access.

Symbolic vs Numeric Notation

You can also use symbolic notation with chmod:

```bash

# Add execute permission for the owner

chmod u+x script.sh

# Remove write permission for group and others

chmod go-w config.json

# Set exact permissions (same as 755)

chmod u=rwx,go=rx deploy.sh

```

The symbols break down as:

• u = user (owner), **g** = group, **o** = others, **a** = all
• + = add permission, **-** = remove permission, **=** = set exact permission

Numeric notation is faster to type, but symbolic notation is easier to read and is better for making incremental changes.

Quick Reference Table

| Octal | Symbolic | Meaning |

|-------|-------------|---------------------------------------------|

| 777 | rwxrwxrwx | Anyone can do anything |

| 755 | rwxr-xr-x | Owner full, others read & execute |

| 750 | rwxr-x--- | Owner full, group read & execute, others nothing |

| 700 | rwx------ | Owner full, nobody else |

| 644 | rw-r--r-- | Owner read/write, others read only |

| 600 | rw------- | Owner read/write, nobody else |

| 444 | r--r--r-- | Everyone read only |

Common Mistakes

Using 777 in production. This gives every user on the system full access to your files. If a web server process gets compromised, the attacker can modify anything with 777 permissions.

Forgetting about directories. Directories need the execute permission to allow users to `cd` into them and list their contents. A directory with 644 permissions means no one can enter it — you probably want 755.

SSH key permissions too open. SSH will refuse to use a private key if its permissions are too loose. Always use 600 for private keys.

```bash

chmod 600 ~/.ssh/id_rsa

chmod 644 ~/.ssh/id_rsa.pub

chmod 700 ~/.ssh

```

Use the ToolBox Chmod Calculator

Remembering octal math is fine once you have done it a hundred times, but when you are setting up a new server and second-guessing yourself, a visual calculator saves time and mistakes.

The [Chmod Calculator](/tools/chmod-calculator) on ToolBox lets you:

- Toggle read, write, and execute checkboxes for each group

- See the octal number and symbolic notation update in real time

- Start from common presets (755, 644, 600, 777)

- Copy the full `chmod` command to your clipboard

No signup, no ads, runs entirely in your browser. Give it a try next time you are writing a deployment script or setting up a new project.