Day 50beginnerMar 22, 2026

Understand chmod Numbers in 60 Seconds

Understanding chmod numbers means you can set precise file permissions without guessing — security starts with getting permissions right.

linuxsecurityfundamentals

What

Linux file permissions use a three-digit octal number where each digit represents read (4), write (2), and execute (1) for owner, group, and others. You add the values together for each position. Common patterns: 755 for executables, 644 for regular files, 600 for secrets and private keys.

Why It Matters

Incorrect permissions are one of the most common security vulnerabilities on Linux servers. Too open (777) and anyone can modify your files. Too restrictive and your application can't read its own config. Understanding the octal system lets you set exactly the right access level every time.

Example

# Make a script executable by owner, readable by everyone
chmod 755 script.sh    # rwxr-xr-x

# Standard permissions for config files
chmod 644 config.yaml  # rw-r--r--

# Lock down private keys and secrets
chmod 600 id_rsa       # rw-------
chmod 600 .env         # rw-------

# Verify permissions
ls -la

# Permission math:
# r (read)    = 4
# w (write)   = 2
# x (execute) = 1
#
# 7 = 4+2+1 = rwx (read, write, execute)
# 6 = 4+2   = rw- (read, write)
# 5 = 4+1   = r-x (read, execute)
# 4 = 4     = r-- (read only)
# 0 = 0     = --- (no access)
#
# Three digits: [owner][group][others]
# 755 = owner:rwx, group:r-x, others:r-x

bash

Common Mistake

Setting 777 permissions 'just to make it work' when an application can't access a file. This gives every user on the system full read, write, and execute access — a major security risk, especially on shared or production servers.

Quick Fix

Start with the least permissive setting and open up only what's needed. For web files, 644 is usually correct. For scripts, 755. For secrets, 600. Use 'ls -la' to check current permissions before and after changes.