Unix file permissions sit at the intersection of security and functionality. Get them wrong in one direction and you lock yourself out of your own files. Get them wrong in the other and you expose sensitive data to every user on the system.
The chmod command controls exactly who can read, write, and execute any file or directory. It operates on three categories of users — owner, group, and everyone else — and assigns three possible rights to each. That's nine bits total, mapping to a three-digit octal number like 755 or 644.
The problem is that octal arithmetic isn't how most people think. You want a file readable by everyone but writable only by the owner? You shouldn't have to do mental math to get there.
That's what the Chmod Calculator is for.
Understanding the Permission Model
Before toggling bits, it helps to have a solid mental model of what you're actually setting.
Each permission set has three positions:
Those values add up for each user category. Owner has read + write + execute: 4+2+1 = 7. Group has read + execute only: 4+1 = 5. Others have read only: 4.
Stack those three digits and you get 755 — the most common permission set for web server directories. For non-executable files like config files or stylesheets, 644 is the standard: owner can write, everyone else can only read.
The pattern matters more than memorizing every combination. The Chmod Calculator lets you work visually instead of arithmetically.
Step-by-Step: Using the Chmod Calculator
Step 1: Open the tool
Navigate to the Chmod Calculator. No account, no setup — it loads instantly in your browser.
Step 2: Identify who you're setting permissions for
The tool displays three columns: Owner, Group, and Others. Think about your actual use case before you start clicking:
644 — owner writes, everyone readsStep 3: Toggle the bits
Click the checkboxes for Read, Write, and Execute under each column. The tool calculates the octal value in real time. You immediately see both the symbolic notation (like rwxr-xr-x) and the numeric value (755) update as you interact.
Step 4: Read the generated command
The calculator outputs a ready-to-run chmod command:
chmod 755 filename
Copy it directly into your terminal. No mental arithmetic, no lookup tables.
Step 5: Verify before running
Do a quick sanity check — does the output match your intent? If you're setting permissions on a private key file like ~/.ssh/id_rsa, you should see 600: owner read/write only, nothing for group or others. SSH will refuse to use a key with permissions that are too open. The visual grid makes it obvious if you've accidentally left a bit checked that shouldn't be.
Step 6: Apply recursively when needed
For directories where you need to set permissions on all contained files, add the -R flag:
chmod -R 755 /var/www/html
Use this carefully. Recursive chmod on a directory with mixed file types can cause issues if you're not intentional about which files get which permissions.
Common Permission Patterns Worth Knowing
You'll reach for the same combinations repeatedly once you're doing regular server or script work.
|---------|-------|----------|
The calculator handles all of these. If you're trying to remember what a specific value means on an existing file, reverse-engineer it: enter the octal number and see the checkboxes light up to show you exactly what's enabled.
Symbolic vs. Octal Notation
The calculator produces octal output, but chmod also supports symbolic notation like chmod u+x script.sh (add execute for the owner) or chmod go-w file.txt (remove write from group and others).
Symbolic mode is useful when you want relative changes — add or remove a specific bit without affecting everything else. Octal is cleaner when you want to set the full permission state explicitly from scratch.
For any situation where you're establishing permissions on a new file or a fresh deployment, octal is the more reliable choice. Use the calculator to figure it out visually, then lock it in with the numeric value. There's no ambiguity about what you ended up with.
FAQ
What does chmod 777 actually do?
It gives read, write, and execute permission to everyone — the owner, the group, and all other users on the system. This is almost always a mistake in production. On a web server, it means any process running under any user account can modify that file. Never use 777 on files containing sensitive data or executable code in a shared environment.
Why does SSH reject my private key file?
SSH enforces strict permission requirements on key files. If your ~/.ssh/id_rsa has permissions wider than 600 (or the .ssh directory itself is wider than 700), SSH considers the setup insecure and refuses to use the key entirely. Run chmod 600 ~/.ssh/id_rsa and chmod 700 ~/.ssh to fix it.
Can I set different permissions for files vs. directories in one shot?
Not with a single chmod -R, but you can combine find with chmod. To target only files: find /path -type f -exec chmod 644 {} \;. To target only directories: find /path -type d -exec chmod 755 {} \;. Use the calculator to determine the right values first, then plug them into your find command.
Other Developer Tools Worth Bookmarking
If you're doing backend or server work, these tools belong in the same tab group:
Stop Recalculating, Start Deploying
Unix permissions aren't complicated once you break them into the three-by-three grid of user categories and access rights. The friction is always the octal arithmetic — translating an access intent into a number without making a mistake. The Chmod Calculator removes that friction entirely. Toggle the bits visually, read the output, run the command. You'll still understand what 755 means; you just won't have to recalculate it from scratch every single time.