IntellureIntellure
  • Pricing
  • How it works
  • Tools
  • Blogs
  • FAQ
  • Contact
Get started
PricingHow it worksToolsBlogsFAQContactGet started
IntellureIntellure

Digital tools and insights, built for the modern web. Free, fast, and private.

Products

AI EmployeeFree ToolsBlog

Company

AboutContactPrivacy PolicyTerms of Service
© 2026 Intellure. All rights reserved.Made with care for the internet.
Home/Blog/Linux File Permissions Explained: A Beginner's Guide to chmod
developerlinuxsecurity

Linux File Permissions Explained: A Beginner's Guide to chmod

IntellureMarch 6, 20269 min read
Share:

File permissions are one of the first things you encounter when working with Linux servers, and one of the most common sources of confusion. Whether you're deploying a web application, managing a VPS, or writing a shell script, understanding how Linux permissions work and how to use the chmod command is essential. This guide breaks it all down with clear explanations, practical examples, and a cheat sheet you can bookmark.

How Linux File Permissions Work

Every file and directory on a Linux system has three sets of permissions:

  • Owner (u): the user who created or owns the file.
  • Group (g): a defined group of users that share access to the file.
  • Others (o): everyone else on the system.

Each set can have three types of permission: Read (r), Write (w), and Execute (x). That gives us a 3×3 matrix of permissions: nine individual flags that control who can do what with the file.

What Read, Write, and Execute Mean

For files:

  • Read (r): view the file contents (cat, less, head)
  • Write (w): modify the file contents (edit, truncate, overwrite)
  • Execute (x): run the file as a program or script

For directories:

  • Read (r): list the directory contents (ls)
  • Write (w): create, delete, or rename files inside
  • Execute (x): enter the directory (cd) and access files inside

Reading Permission Strings

When you run ls -l, you see permission strings like -rwxr-xr-x. Here's how to read them:

-rwxr-xr-x
│└┬┘└┬┘└┬┘
│ │  │  │
│ │  │  └── Others: r-x (read + execute)
│ │  └───── Group:  r-x (read + execute)
│ └──────── Owner:  rwx (read + write + execute)
└────────── Type:   - (regular file)
            d = directory
            l = symbolic link

Each set of three characters represents one role. A letter means the permission is granted; a dash means it's denied. So rw- means read and write but not execute.

Numeric (Octal) Notation

Instead of letters, permissions can be expressed as a three-digit number where each digit is the sum of the permission values:

4

Read (r)

2

Write (w)

1

Execute (x)

0

None

Add the values together for each role. For example:

  • 7 = 4 + 2 + 1 = read + write + execute (rwx)
  • 6 = 4 + 2 = read + write (rw-)
  • 5 = 4 + 1 = read + execute (r-x)
  • 4 = 4 = read only (r--)
  • 0 = no permissions (---)

Common Permission Combinations

NumericSymbolicDescriptionTypical Use
644rw-r--r--Owner read/write, others readRegular files (HTML, CSS, images)
755rwxr-xr-xOwner full, others read/executeDirectories, scripts, executables
600rw-------Owner read/write onlySSH keys, credentials, .env files
700rwx------Owner full access onlyPrivate scripts, .ssh directory
777rwxrwxrwxFull access for everyoneTemporary debugging only (security risk)
444r--r--r--Read-only for everyoneImmutable config files, public keys

The chmod Command

The chmod (change mode) command sets file permissions. It can be used with either numeric or symbolic notation:

# Numeric notation
chmod 755 script.sh      # Owner: rwx, Group: r-x, Others: r-x
chmod 644 index.html     # Owner: rw-, Group: r--, Others: r--
chmod 600 .env           # Owner: rw-, Group: ---, Others: ---

# Symbolic notation
chmod u+x script.sh      # Add execute for owner
chmod g-w config.txt     # Remove write for group
chmod o+r readme.txt     # Add read for others
chmod a+r public.html    # Add read for all (a = all)
chmod u=rwx,go=rx dir/   # Set exact permissions

# Recursive (apply to directory and all contents)
chmod -R 755 /var/www/html/

Symbolic Notation Explained

Symbolic notation uses letters and operators:

  • Who: u (owner), g (group), o (others), a (all)
  • Operator: + (add), - (remove), = (set exactly)
  • Permission: r (read), w (write), x (execute)

Real-World Scenarios

Setting Up a Web Server

# Web root directory
chmod 755 /var/www/html

# HTML, CSS, JS, images (readable by web server)
chmod 644 /var/www/html/*.html
chmod 644 /var/www/html/css/*.css
chmod 644 /var/www/html/js/*.js

# CGI scripts (need execute)
chmod 755 /var/www/cgi-bin/*.cgi

# Config files with passwords (owner only)
chmod 600 /var/www/.env
chmod 600 /var/www/config/database.yml

SSH Key Security

# SSH directory
chmod 700 ~/.ssh

# Private key (MUST be 600 or SSH refuses to use it)
chmod 600 ~/.ssh/id_rsa

# Public key
chmod 644 ~/.ssh/id_rsa.pub

# Authorized keys file
chmod 600 ~/.ssh/authorized_keys

Security Best Practices

  • Never use 777 in production: it gives full access to every user on the system. If you need 777 to make something work, the real problem is file ownership or your application's user configuration.
  • Credentials and private keys must be 600: SSH will refuse to use a private key with permissions looser than 600.
  • Use the principle of least privilege: give the minimum permissions needed. Start restrictive (644/755) and only add permissions if required.
  • Be careful with recursive chmod: chmod -R 755 makes every file executable, which is rarely what you want. Use find to target files and directories separately.

Key Takeaways

  • Linux permissions control read, write, and execute access for three roles: owner, group, and others.
  • Numeric notation (644, 755) uses three digits where each is the sum of read (4) + write (2) + execute (1).
  • 644 is the default for files, 755 for directories and scripts, 600 for sensitive files.
  • Never use 777 in production. If something doesn't work, fix ownership first (chown), not permissions.
  • The chmod command accepts both numeric and symbolic notation: numeric is faster, symbolic is more readable.

Calculate File Permissions Instantly

Use the interactive chmod calculator to toggle permissions with checkboxes, see the numeric and symbolic notation in real time, and copy the chmod command with one click.

Open Chmod Calculator →Hash Generator →
I

Intellure Team

The Intellure team builds the AI employee that runs your business, and we write guides on the tools and workflows that help you get more done with less overhead.

Share:

Try these free tools

Chmod CalculatorHash Generator

Related articles

developersecurity

The Complete Guide to JWT Tokens for Web Developers

Everything web developers need to know about JWT tokens: the three parts explained, authentication flows, access vs refresh tokens, security best practices, and common vulnerabilities.

developertools

5 Free Online Tools Every Developer Needs

Discover the essential free online tools that every developer should bookmark: from JSON formatting and regex testing to Base64 encoding and UUID generation.

securitypasswords

Why You Need a Strong Password (And How to Generate One)

Most passwords are cracked in seconds. Learn how hackers break passwords, what makes a strong password, and how to generate uncrackable passwords instantly.

Back to all articles
PERMISSION GRANTED

You lock down file access. Let something else handle customer access.

Intellure is a managed AI employee that answers customers, runs sales conversations, and books appointments on WhatsApp, Instagram, and your website, 24/7, for $299 a month.

Set it up