loot.tools

Chmod Calculator

Work out the chmod number for any combination of read, write, and execute permissions. Tick the boxes for owner, group, and others and the octal value and symbolic rwxr-xr-x string update together, along with a plain-English summary of who can do what. Type an octal value like 755 or 4755 and it fills in the grid. Special bits (setuid, setgid, sticky) are covered too. Runs entirely in your browser.
Code

Tick the boxes or type an octal value to see the matching `chmod` number, the symbolic rwxr-xr-x form, and what each class is allowed to do. Everything stays in your browser.

ClassReadWriteExecute
Owner
Group
Others
Special bits
Symbolic
rw-r--r--
chmod 644 filename
  • Owner can read and write.
  • Group can read.
  • Others can read.

How Unix permissions work

Every file has three sets of permissions: one for the owner, one for the group, and one for everyone else. Each set can allow reading (4), writing (2), and executing (1). Add those numbers up per class and you get a digit from 0 to 7, so the familiar 755 means the owner can read, write, and execute (7), while group and others can read and execute but not write (5). The symbolic form, rwxr-xr-x, spells out the same thing one character at a time.

Reading the result

Tick boxes or type an octal number and both forms update at once. The symbolic string matches what 'ls -l' prints, so you can paste a value straight from a directory listing. The chmod line at the bottom is ready to copy into a terminal. Read access lets you open a file or list a directory. Write lets you change it. Execute runs a program, or for a directory, lets you enter it.

Special bits

  • setuid makes an executable run as its owner rather than the user who launched it, common for tools that need elevated access
  • setgid does the same with the group, and on a directory it makes new files inherit the directory's group
  • The sticky bit on a shared directory like /tmp stops people from deleting each other's files - only the owner can
  • These show up as an extra leading digit, so 4755 has setuid set

Common values

  • 644 for regular files, so the owner can edit and everyone can read
  • 755 for scripts and directories that need execute
  • 600 for private files like SSH keys that only the owner should touch
  • 700 for a private directory
  • 777 grants everyone full access and is almost always a mistake outside of quick local testing