CHMOD Calculator

CHMOD Calculator

Visual chmod calculator with security warnings. Set read/write/execute permissions, get octal and symbolic output instantly. Includes umask, SUID/SGID/sticky bit.

Updated May 2026

Interactive checkbox grid — toggle read, write, and execute for owner, group, and others.
Numeric notation (e.g. 755). Each digit is the sum of read(4) + write(2) + execute(1). Type 3 or 4 digits.
9-character string (e.g. rwxr-xr-x) representing permissions for owner, group, and others. Use r/w/x or - for each position.
Shift + Enter to Copy
Permission Matrix
Access Level
Read (4)
Write (2)
Execute (1)
Owner (User)
File creator
Group
Users with same GID
Others (Public)
Any other user
Special Bits
Integrated umask Tool
Files
644
Dirs
755

umask subtracts from default permissions (666 for files, 777 for dirs). Common: 022 → files 644, dirs 755.

What is umask?

The umask (user file-creation mode mask) defines the default permissions removed from newly created files and directories. It masks out bits from the system defaults: 666 for files and 777 for directories.

Octal Output
INSTANT
000 oct
---------
Symbolic Builder
chmod u=,g=,o= [file]
Common Presets
Terminal Command
chmod 000
Add -R for recursive: chmod -R 000 dir/
How to Use Groups Instead of 777
1. Create a group
sudo groupadd webdev
2. Add user to group
sudo usermod -aG webdev alice
3. Set group permissions
chmod 775 /var/www/site

Group can write — others cannot. Safer than 777.

CHMOD Calculator — Linux File Permissions, Octal & Symbolic

Set Unix/Linux file permissions by clicking checkboxes — get the octal value (644, 755, 777), symbolic notation (rwxr-xr-x), and the ready-to-run chmod command instantly. No signup, no install, 100% in your browser.

Unlike other chmod calculators, this one warns you automatically when a permission value is a security risk and explains what to use instead — the feature most useful for developers who just want something to work without opening a vulnerability.

How to Use the CHMOD Calculator

Three ways to interact — pick whichever fits your workflow:

  1. Click the checkboxes — Toggle read, write, or execute for owner, group, and others. The octal value and symbolic notation update as you click.
  2. Type an octal number — Switch to Octal mode and type directly: 755, 644, or 4755 with special bits. The visual matrix syncs immediately.
  3. Enter symbolic notation — Switch to Symbolic mode and type rwxr-xr-x — the calculator converts it to octal on the fly.
  4. Copy the command — Click "Copy Command" in the Terminal section to copy chmod 755 [file] ready to paste into your terminal. Edit the filename inline.

If the permission value is dangerous (777, 666, world-writable), a security warning appears automatically with an explanation and a safer alternative.

CHMOD Permission Examples

Octal Symbolic Who can do what Typical use
644 rw-r--r-- Owner: read+write. Group+Others: read only Web files, .html, .css
755 rwxr-xr-x Owner: full. Group+Others: read+execute Directories, shell scripts
600 rw------- Owner: read+write. Nobody else: nothing SSH private keys, credentials
700 rwx------ Owner: full. Nobody else: nothing Private directories, ~/.ssh
777 rwxrwxrwx Everyone: full access ⚠️ Security risk — avoid in production
640 rw-r----- Owner: rw. Group: read. Others: nothing Config files with passwords
4755 rwsr-xr-x SUID + 755 System executables (e.g. /usr/bin/passwd)

Edge case — what happens with octal 0? Entering 000 gives ---------- — no access for anyone, including the owner. Useful for temporarily locking a file; remember you'll need sudo or ownership to restore access.

Linux File Permissions — What Each Bit Means

Unix permissions are built from three groups of three bits: owner (u), group (g), and others (o). Each group has three possible flags:

  • r (read = 4) — Can view the file contents or list a directory
  • w (write = 2) — Can modify the file or create/delete files in a directory
  • x (execute = 1) — Can run the file as a program, or cd into a directory

Each group's value is the sum of its active bits: read(4) + write(2) + execute(1) = 0 through 7. That's why each octal digit runs from 0 to 7 — it's a 3-bit bitmask. So 755 means: owner=7(rwx), group=5(r-x), others=5(r-x).

Special bits (4th digit):

  • SUID (4000) — Executable runs with the file owner's privileges. Example: /usr/bin/passwd runs as root regardless of who calls it.
  • SGID (2000) — On executables: runs with the group's privileges. On directories: new files inherit the directory's group.
  • Sticky bit (1000) — On directories: users can only delete their own files. Classic example: /tmp.

Common Use Cases

  • Web server files: Set .html, .css, .js, .php to 644 so the web server (www-data, apache) can read them but not overwrite them, even if exploited.
  • Web server directories: Use 755 — the x bit allows traversal (cd into the directory) without allowing writes.
  • SSH private keys: chmod 600 ~/.ssh/id_rsa. SSH actively refuses to use keys readable by group or others — you'll see "Permissions too open" if you skip this.
  • Upload directories: 755 with application-level access control, never 777. On shared hosting, 777 means other tenants can inject files.
  • WordPress wp-config.php: 640 or 600 — it contains your database password. Never 644.
  • Shell scripts: 755 — owner writes, everyone can execute.

What is umask and How Does It Relate to chmod?

chmod sets explicit permissions on an existing file. umask sets the default permissions for newly created files and directories by masking out bits from the system default (666 for files, 777 for dirs).

Default for files:       666 (rw-rw-rw-)
Default for directories: 777 (rwxrwxrwx)
Typical umask:           022

File result:  666 & ~022 = 644 (rw-r--r--)
Dir result:   777 & ~022 = 755 (rwxr-xr-x)

Common umask values:

  • 022 — standard server (others cannot write)
  • 027 — stricter (group cannot write; others have nothing)
  • 077 — paranoid (owner only)
  • 002 — collaborative (group can write — good for team directories)

Use the integrated umask calculator above to see what effective permissions any umask produces.

Frequently Asked Questions

What does chmod 777 mean and why is it dangerous?

chmod 777 gives read, write, and execute permission to the file owner, their group, AND every other user on the system. On shared hosting, this means other accounts on the same server can overwrite or execute your files. The only legitimate use is temporary debugging — remove it immediately after. For directories, use 755; for files, use 644.

What is the difference between chmod 755 and 777?

In chmod 755, only the owner can write (modify) the file — group and others can only read and execute. In chmod 777, everyone has write access, meaning any user on the system can modify or delete the file. Use 755 for directories and executables in production; avoid 777 except for brief local debugging.

What chmod should I use for SSH private key files?

Use chmod 600 (rw-------) for ~/.ssh/id_rsa and other private keys. SSH explicitly checks permissions and will refuse to use a key readable by group or others, printing "Permissions 0644 for id_rsa are too open." The ~/.ssh/ directory itself should be chmod 700.

Does chmod -R apply to both files and directories?

Yes — chmod -R 755 dir/ applies 755 to the directory and all its contents, including files. This is often a mistake: files don't need the execute bit unless they are programs. A safer approach for web servers: find /var/www -type d -exec chmod 755 {} \; && find /var/www -type f -exec chmod 644 {} \; — this sets directories to 755 and files to 644 separately.

What are SUID, SGID, and the sticky bit?

SUID (4000): the executable runs with the file owner's privileges, not the caller's. SGID (2000): on executables, it runs with the group's privileges; on directories, new files inherit the directory's group. Sticky bit (1000): on directories, each user can only delete files they own — the classic example is /tmp, where anyone can create files but only the creator can delete them.

Resources

  • chmod — Linux man page (man7.org) — Official POSIX specification for chmod, including all flags and symbolic notation syntax.
  • File system permissions — Wikipedia — Comprehensive overview of Unix permission model, ACLs, and how they compare across operating systems.
  • Hash Generator — Generate MD5, SHA-1, SHA-256, SHA-512, and other cryptographic hashes for strings and files — useful for verifying file integrity alongside permission checks.

Related Tools