chmod Permission Settings Manual
What are Permissions?
Unix-based OS uses permissions to control user and group access to files and directories. Incorrect settings can lead to security risks.
Permission Basics
File Permissions
| Permission | Symbol | Meaning |
|---|---|---|
| Read | r | Permission to read file |
| Write | w | Permission to write data to/delete file |
| Execute | x | Permission to execute file (programs, scripts) |
| None | - |
Directory Permissions
| Permission | Symbol | Meaning |
|---|---|---|
| Read | r | Permission to read file name list in directory |
| Write | w | Permission to create/delete files in directory |
| Execute | x | Permission to access files and subdirectories |
⚠️ Without execute permission on a directory, you cannot enter it.
User Classes
| Class | Description |
|---|---|
| Owner (user) | User who created the file |
| Group | Group that file creator belongs to |
| Others | Everyone else |
Displaying Permissions
ls -lOutput example:
-rwxr-xr-- 1 user group 12345 Jan 23 12:34 example.txt| Item | Meaning |
|---|---|
-rwxr-xr-- | File permissions |
1 | Number of links |
user | File owner |
group | File group |
12345 | File size (bytes) |
Jan 23 12:34 | Last modified |
example.txt | File name |
Reading Permissions
Each character in -rwxr-xr--:
| Position | Example | Meaning |
|---|---|---|
| 1st char | - | File type (d=directory, -=file) |
| 2-4th chars | rwx | Owner permissions (read, write, execute) |
| 5-7th chars | r-x | Group permissions (read, execute) |
| 8-10th chars | r-- | Others permissions (read only) |
Changing Permissions (chmod)
Use chmod command with 3-digit number to set permissions.
chmod 644 example.txtPermission Values
| Permission | Value |
|---|---|
| Read | 4 |
| Write | 2 |
| Execute | 1 |
Each digit is the sum of permission values.
Example: chmod 644
| Class | Total | Calculation | Permissions | Notation |
|---|---|---|---|---|
| Owner | 6 | 4+2+0 | read, write | rw- |
| Group | 4 | 4+0+0 | read only | r— |
| Others | 4 | 4+0+0 | read only | r— |
Cheat Sheet
Basic Permission Values
| Value | Permission | Notation |
|---|---|---|
| 0 | None | --- |
| 1 | Execute only | —x |
| 2 | Write only | -w- |
| 3 | Write and execute | -wx |
| 4 | Read only | r— |
| 5 | Read and execute | r-x |
| 6 | Read and write | rw- |
| 7 | Read, write, execute | rwx |
Common chmod Commands
| Value | Owner | Group | Others | Use Case |
|---|---|---|---|---|
| 700 | All | None | None | Personal scripts |
| 755 | All | Read+Exec | Read+Exec | Public scripts/directories |
| 644 | Read+Write | Read | Read | General files |
| 600 | Read+Write | None | None | SSH keys, .env |
| 666 | Read+Write | Read+Write | Read+Write | Shared files |
| 400 | Read | None | None | Read-only |
Practical Examples
SSH Private Key
chmod 600 ~/.ssh/id_rsaOwner only read/write. Prevents unauthorized use of private key.
Web Server Files
# HTML files
chmod 644 index.html
# Directories
chmod 755 /var/www/html
# Executable scripts
chmod 755 script.shEnvironment Variable Files
chmod 600 .envFiles containing sensitive info should be owner-access only.
Shared Project Directory
chmod 775 /shared/projectOwner and group members can read, write, and execute.
Add Execute Permission to Script
chmod 755 deploy.sh
# or
chmod +x deploy.shImportant Notes
⚠️ Incorrect permission settings can allow malicious third parties to view or modify your files.
Principle: Grant minimum necessary permissions to reduce security risks.