godz.online
Back to tools

TLDR reference

chmod permissions

A searchable reference for Unix file permissions and chmod: octal modes, the rwx bits, special bits, and symbolic syntax. Type to search by number or intent, or filter by group. Everything runs in your browser.

29 shown

How it works

A searchable reference for Unix file permissions and the chmod command, with the octal digits, common modes, special bits, and symbolic syntax all explained in one place. Every file and directory grants three permissions - read, write, and execute - to three classes of user - the owner, the group, and everyone else - and chmod is how you set them. Type to search by number or by what you want, such as "644" or "make executable", or use the chips to browse a single part of the system.

It decodes the octal shorthand (each digit is read 4 plus write 2 plus execute 1, so 7 is rwx and 5 is r-x), lists the modes you reach for daily like 644 for files and 755 for scripts and directories, and explains the special setuid, setgid, and sticky bits as well as the symbolic u+x style syntax. Everything is static and runs in your browser, so the lookup is instant and works offline once the page has loaded.

Example. Searching "755" shows rwxr-xr-x: the owner can read, write, and run, while the group and others can read and run but not change it - the standard for scripts and directories. The octal-digit cards explain why: 7 is rwx for the owner and 5 is r-x for the other two classes.

FAQ

How do the octal permission numbers work?

Each of the three digits sets the permissions for one class of user - owner, group, others - and each digit is the sum of read (4), write (2), and execute (1). So 7 is 4+2+1 = rwx (all three), 6 is 4+2 = rw-, 5 is 4+1 = r-x, and 4 is read only. Read the three digits left to right as owner, group, others: 644 means the owner can read and write while everyone else can only read, and 755 means the owner has full access while the rest can read and execute.

What is the difference between 644 and 755?

They differ only in the execute bit. 644 (rw-r--r--) is the right mode for ordinary files such as text, images, and config: the owner can edit them, everyone else can read them, and nobody runs them. 755 (rwxr-xr-x) adds execute, which you want for scripts and program binaries so they can be run, and crucially for directories, where the execute bit means "may enter and traverse". A directory without execute cannot be opened even if it is readable.

When should I use symbolic mode instead of numbers?

Symbolic mode - chmod u+x file, go-w file, a=r file - changes specific bits without restating the whole set, which is handy when you only want to add or remove one permission. chmod +x script.sh makes a script runnable without touching its read permissions, whereas an octal mode like 755 sets all nine bits at once. Use octal when you know the exact end state you want, and symbolic when you want to nudge one permission and leave the rest as they are.

What are the setuid, setgid, and sticky bits?

They are a fourth, leading octal digit with special effects. Setuid (4000) makes an executable run as its owner rather than the user who launched it, which is how a few system tools gain elevated rights - and a classic security concern. Setgid (2000) does the same for the group, and on a directory it makes new files inherit that directory's group. The sticky bit (1000) on a shared, world-writable directory such as /tmp restricts deletion so users can only remove their own files. Use them sparingly and deliberately.