Written by Christian Ahmer | 11/21/2023

Chmod permission theory and chmod calculator

Chmod calculator tool

Just set which class (owner, group, public) should have which permissions and you see an instant result in the textfield below. You may also insert a chmod value and you see what that means, as the checkboxes will be automatically selected.

Owner
Group
Public

In Unix and Unix-like operating systems, chmod is a command-line utility that stands for "change mode." It is used to change the access permissions of file system objects (files and directories). Understanding chmod is essential for system administrators and users who need to manage the security and access control of file system resources.

Permissions in Unix-like systems are divided into three categories, each for a different set of users: the file owner, the group, and others. Each category can have three types of permissions:

  • Read (r): Permission to open and read the contents of a file or list the contents of a directory.
  • Write (w): Permission to modify the contents of a file or add/remove files within a directory.
  • Execute (x): Permission to run a file as a program or script or access a directory.

The chmod command allows these permissions to be set using either symbolic or numeric modes. The symbolic mode uses letters and symbols to represent the permissions and the categories of users they apply to. For example, chmod u+x file.txt adds execute permission for the file's owner (u for user/owner), while chmod g-w file.txt removes write permission for the group.

Numeric mode uses octal (base-8) numbers to represent permission sets. This method uses three-digit numbers, with each digit ranging from 0 to 7, to set the permissions for the owner, group, and others, respectively. Each of these digits is the sum of its component bits in the following order: 4 for read, 2 for write, and 1 for execute. For instance, chmod 755 file.txt sets read, write, and execute permissions for the owner, and read and execute permissions for the group and others.

A deeper look into how chmod works reveals the intricacies of managing a file system's security. When a file is created, it inherits default permissions determined by the system's umask. The chmod command can then be used to fine-tune these permissions based on the requirements of the users and the principles of least privilege, ensuring users only have the permissions necessary for their role.

chmod also supports more advanced features, like setting setuid, setgid, and sticky bits. The setuid and setgid bits are used on executable files to run with the permissions of the file's owner or group, respectively, rather than the user running the file. The sticky bit, when set on a directory, restricts file deletion so that only the file's owner, the directory's owner, or the root user can delete files within the directory.

The chmod command is pivotal in the day-to-day operations of managing a Unix-like system, playing a crucial role in the security and functionality of these systems. Whether it's used for allowing a script to be executed, securing sensitive files, or managing shared directories, chmod remains a powerful and indispensable tool in the arsenal of Unix and Linux system utilities.