How do Linux file permissions work?
Every file carries nine permission bits in three triplets β read, write, execute for the owner, the group, and everyone else. Each triplet maps to one octal digit (read=4, write=2, execute=1, summed), so rwxr-xr-x is 755 and rw-r--r-- is 644. The symbolic and numeric forms describe identical access rules; ls -l shows the symbolic form, while chmod, scripts, and config files usually want the octal one β which is exactly the translation this tool does.
How does this converter work?
Type a numeric value like 644 or a symbolic string like rw-r--r-- and the other notation updates instantly. You can also click individual bits on the visual grid, choose a file type prefix (regular file, directory, or symlink) for an ls -l style result, toggle the setuid, setgid, and sticky bits, and copy a ready-to-paste chmod command. Everything runs locally in your browser β nothing is sent to a server.
What is the difference between chmod 755 and 644?
755 (rwxr-xr-x) grants the owner full control and lets everyone else read and execute β the standard for directories, scripts, and binaries. 644 (rw-r--r--) drops the execute bit: owner reads and writes, everyone else only reads β the standard for ordinary files like HTML, configs, and images. Web servers conventionally use 755 for directories and 644 for files. If a script prints Permission denied when executed, it is usually sitting at 644 and needs chmod +x.
What does chmod u+s do?
It sets the setuid bit, making an executable run with its owner's privileges instead of the caller's β passwd is the classic example, shown as rwsr-xr-x. Numerically these special bits become a fourth leading digit: 4755 is setuid, 2755 is setgid (on directories, new files inherit the group), and 1777 is the sticky bit, which is why /tmp lets anyone create files but only owners delete them. A capital S or T in ls output means the special bit is set without the underlying execute bit β usually a mistake.
Why can't I cd into a directory I can read?
Because on directories the bits mean different things: read lets you list the names inside, write lets you create and delete entries, but execute is what permits entering the directory and accessing the files within. A directory at 644 is effectively unusable β you can list names but not stat or open anything. This is the most common permissions misconception, and it is why directories need 755 (or at least the x bit) where files are fine at 644.
How do I find files with specific permissions?
Use find with -perm: find / -perm -4000 -type f lists setuid binaries (a standard security-audit step), find . -perm 777 finds exact matches, and the leading dash means at least these bits. Pair it with stat -c '%a %n' filename to print a file's octal mode directly β handy when ls -l symbolic output is ambiguous. To audit a web root, find /var/www -type f ! -perm 644 flags files that deviate from the expected baseline.
Why is chmod 777 a bad idea?
777 gives every user on the system write access, so any compromised process or account can modify or replace the file β on a web server that is an open invitation for shell uploads and defacement. It is usually applied as a desperate fix for an ownership problem that chown would solve correctly. Be equally careful with recursive changes: chmod -R 755 marks every file executable; the better pattern is find with -type d -exec chmod 755 and -type f -exec chmod 644 applied separately.