Calculate Linux file permissions interactively. Toggle permissions for Owner, Group, and Others to generate numeric and symbolic notation.
Numeric
755
Symbolic
rwxr-xr-x
7
5
5
$ chmod 755 filenameCommon Presets
Permission Reference
| Number | Symbol | Permission |
|---|---|---|
| 0 | --- | No permission |
| 1 | --x | Execute |
| 2 | -w- | Write |
| 3 | -wx | Write + Execute |
| 4 | r-- | Read |
| 5 | r-x | Read + Execute |
| 6 | rw- | Read + Write |
| 7 | rwx | Read + Write + Execute |
chmod (change mode) is the Linux and Unix command that sets read, write, and execute permissions on files and directories for three classes of user: the owner, the owning group, and everyone else. Permissions are written either in numeric octal notation like 755 or symbolic notation like rwxr-xr-x. Each octal digit is the sum of read (4), write (2), and execute (1) β so 7 means rwx, 6 means rw-, and 5 means r-x.
Toggle read, write, and execute for Owner, Group, and Others and the calculator instantly shows the matching octal value, the symbolic string, and a ready-to-copy chmod command with your own filename substituted in. One-click presets cover the most common modes β 755, 644, 777, 600, 400, and 750 β and a reference table maps every digit from 0 to 7. It runs entirely in your browser; nothing is sent anywhere.
755 grants the owner full read, write, and execute access (7 = 4+2+1) while the group and everyone else get read and execute only (5 = 4+1), shown symbolically as rwxr-xr-x. It is the standard mode for executable scripts, binaries, and directories that should be world-readable but writable only by the owner β for directories, the execute bit is what allows entering the directory and listing its contents, not running anything.
644 (rw-r--r--) is the default for ordinary files: the owner can edit, everyone else can read. Web content, source code, and most documents live happily at 644. 600 (rw-------) removes all access for group and others, which is mandatory for secrets β SSH expects ~/.ssh/id_rsa private keys at 600 and will refuse to use them otherwise, and the same rule applies to .env files, API tokens, and database credential files on shared servers.
777 lets every user on the system read, modify, and execute the file, so any compromised account or buggy service can replace its contents β a classic path to privilege escalation when the file is a script run by root or a web app. It usually appears as a desperate fix for a permission error whose real cause is wrong ownership. The correct fix is almost always chown to the right user plus 755 or 644, never blanket world-write.
ls -l prints the symbolic form (-rw-r--r--) along with the owner and group, while stat -c '%a %n' file prints the octal value directly β handy for comparing against what this calculator shows. To change permissions recursively, chmod -R works but applies the same mode to files and directories alike; the safer pattern is find . -type d -exec chmod 755 {} + for directories and find . -type f -exec chmod 644 {} + for files.
Beyond the three digits this calculator covers, chmod accepts an optional leading digit for special bits: setuid (4) makes an executable run as its owner, the way passwd runs as root; setgid (2) makes new files in a directory inherit its group, useful for shared project folders; and the sticky bit (1) on a directory like /tmp lets only a file's owner delete it. So chmod 1777 /tmp or chmod 2775 /srv/shared. Use setuid sparingly β it is a frequent audit finding.
The umask decides. New files start from 666 and directories from 777, and the umask subtracts bits: the common umask of 022 yields 644 files and 755 directories, while a stricter 077 yields 600 and 700. Run umask in your shell to see the current value, and set it in ~/.profile or /etc/login.defs to change defaults. If freshly created files keep coming out group-writable on a server, an 002 umask is almost always the reason.