Unix File Permissions Calculator

Interactive chmod calculator — toggle permissions visually and get the numeric, symbolic, and command-line representations instantly.

Enter 3 octal digits (0-7)
Common Presets
Permission Matrix
Read(4)Write(2)Execute(1)Octal
Owner7
Group5
Others5
Results
Numeric (Octal)
755
Symbolic
rwxr-xr-x
chmod Command
chmod 755
ls -l Output
-rwxr-xr-x
Permission Summary
Owner:Read, Write, Execute
Group:Read, Execute
Others:Read, Execute

Understanding Unix File Permissions

Unix and Linux file permissions control who can read, write, and execute files and directories. Every file has three permission sets: one for the owner, one for the group, and one for all other users. This three-tier model is fundamental to Unix security, providing fine-grained access control without requiring complex access control lists.

Permissions are stored as 9 bits in the file's inode — three bits per user class. When you run 'ls -l', the permission string (like -rwxr-xr-x) shows these 9 bits in human-readable form, preceded by a character indicating the file type (- for regular file, d for directory, l for symlink).

The chmod Command Explained

The chmod (change mode) command is the primary tool for modifying file permissions in Unix-like systems. It supports two syntaxes: numeric (octal) and symbolic. Numeric mode expresses all permissions as a three-digit octal number, where each digit is the sum of read (4), write (2), and execute (1) for owner, group, and others respectively.

Symbolic mode is more flexible for incremental changes. The syntax 'chmod u+x file' adds execute permission for the owner without affecting other permissions. You can combine multiple changes: 'chmod u+rwx,g+rx,o+r file' sets owner to rwx, group to rx, and others to r. The -R flag applies changes recursively to directories.

File Security and Permission Best Practices

Following the principle of least privilege is essential for Unix file security. Grant only the minimum permissions needed for a file or directory to serve its purpose. Web-accessible files should never be world-writable (no 777 or 666). Configuration files containing passwords or API keys should be restricted to owner-only (600).

Directory permissions work differently from file permissions. Read (r) allows listing a directory's contents, write (w) allows creating or deleting files within it, and execute (x) allows entering the directory. A directory with execute but not read permission lets users access files by name but not list the directory contents.

Common Permission Patterns

Several permission combinations are standard across Unix systems. Regular files typically use 644 (owner reads and writes, everyone else reads only). Executable programs and scripts use 755 (owner has full control, others can read and execute). Private files like SSH keys require 600 (owner-only access); SSH will refuse to use a key file with looser permissions.

Shared directories often use 775 (group members can write) or 1777 (the sticky bit, used for /tmp, which prevents users from deleting each other's files). Web application directories commonly use 750 so the web server group can access files while blocking other users entirely.

Frequently Asked Questions

Related Tools

Bash Commands CheatsheetHash GeneratorNumber Base ConverterRegex Tester

Explore More Tools

JSON FormatterPassword GeneratorBase64 CodecRegex TesterHex to RGBCSS Gradient GeneratorJSON to TypeScriptMeta Tag GeneratorUUID GeneratorColor Palette Generator
HTTP 404HTTP 500HTTP 301chmod 755chmod 644Git CommandsDocker CommandsCSS Flexbox
View all 50 tools →

Find this tool useful? Buy us a coffee to keep DuskTools free and ad-light.