chmod 755 filenamechmod (change mode) is a Unix/Linux command that sets file and directory permissions. Every file on a Linux or macOS system has three permission classes: Owner (the user who created the file), Group (users who share the file's assigned group), and Others (everyone else on the system). Each class can be granted read, write, and execute access independently.
Understanding chmod is essential for anyone working with servers, deploying web applications, managing SSH keys, or writing shell scripts. Misconfigured permissions are one of the most common causes of "permission denied" errors and, more seriously, security vulnerabilities on production systems.
There are two ways to express file permissions. Octal notation uses a three-digit number where each digit (0 through 7) represents the combined permissions for owner, group, and others. Symbolic notation uses letters: r for read, w for write, and x for execute.
| Octal | Symbolic | Meaning |
|---|---|---|
| 7 | rwx | Read + Write + Execute |
| 6 | rw- | Read + Write |
| 5 | r-x | Read + Execute |
| 4 | r-- | Read only |
| 0 | --- | No permissions |
The octal value is calculated by adding the values: read (4) + write (2) + execute (1). So rwx = 4+2+1 = 7, and r-x = 4+0+1 = 5.
755: Owner has full access, group and others can read and execute. This is the standard for directories, shell scripts, and executable files. Most web server directories use this value.
644: Owner can read and write, group and others can only read. This is the default for most regular files, including HTML, CSS, JavaScript, configuration files, and documents.
600: Owner can read and write, nobody else has any access. Use this for sensitive files like SSH private keys (~/.ssh/id_rsa), environment files with API keys, and database credentials. SSH will actually refuse to use a private key if its permissions are more open than 600.
700: Owner has full access, nobody else can do anything. Ideal for private directories like ~/.ssh or directories containing sensitive scripts.
444: Read-only for everyone. Useful for files that should never be modified accidentally, like signed certificates or locked configuration files.
Setting 777 (full access for everyone) is almost never the right answer. It means any user on the system can read, modify, or execute the file. If you find yourself reaching for 777, the real fix is usually adjusting file ownership with chown or adding users to the correct group.
Another frequent mistake: forgetting that directories need execute permission for users to cd into them or list their contents. A directory set to 644 will be readable but not traversable.
You can apply permissions with the octal shorthand (chmod 755 filename) or with symbolic operators (chmod u+x filename to add execute for the owner). The symbolic approach is handy when you only need to change one permission without affecting the others.
To apply permissions recursively to a directory and everything inside it, use chmod -R 755 /path/to/dir. Be careful with recursive chmod on mixed file/directory trees, as files and directories often need different permission values.
Working with servers? Check out the Password Generator for creating strong credentials, the Hash Generator for verifying file integrity, or the Common Ports Reference to look up which services run on which ports.
This calculator runs 100% in your browser. No data is sent to any server, and nothing is logged or stored.