DevToolBoxGRATIS
Blog

Linux bestandspermissies uitgelegd: chmod 777, 755, 644

9 min lezenby DevToolBox

Linux file permissions control who can read, write, and execute files. Understanding chmod and permission notation is essential for every developer working with servers, Docker, or CI/CD pipelines.

Understanding the Permission System

Every file and directory in Linux has three permission sets: one for the owner (user), one for the group, and one for others (everyone else). Each set can grant three types of access:

  • r β€” Read (r) β€” View file contents or list directory entries
  • w β€” Write (w) β€” Modify file contents or create/delete files in a directory
  • x β€” Execute (x) β€” Run a file as a program or enter a directory
-rwxr-xr-x  1 user group  4096 Feb 10 file.sh
 β”‚β”‚β”‚ β”‚β”‚β”‚ β”‚β”‚β”‚
 β”‚β”‚β”‚ β”‚β”‚β”‚ └── Others: r-x (read + execute = 5)
 β”‚β”‚β”‚ └──── Group:  r-x (read + execute = 5)
 └────── Owner:  rwx (read + write + execute = 7)

 Result: 755

Octal Notation Explained

Each permission set can be represented as a single digit from 0 to 7. The digit is the sum of the permission values:

  • 4 β€” Read = 4
  • 2 β€” Write = 2
  • 1 β€” Execute = 1
  • 0 β€” No permission = 0

Octal Reference Table

OctalrwxMeaning
0---No permission
1--xExecute only
2-w-Write only
3-wxWrite + Execute
4r--Read only
5r-xRead + Execute
6rw-Read + Write
7rwxRead + Write + Execute

Common Permission Values

777777 β€” Full access for everyone (owner + group + others). Avoid in production! Only use for temporary debugging.
755755 β€” Owner can do everything; group and others can read and execute. Standard for directories and executables.
644644 β€” Owner can read and write; group and others can only read. Standard for regular files.
600600 β€” Owner can read and write; no one else has access. Use for private config files and SSH keys.
400400 β€” Owner can only read. Use for sensitive read-only files like certificates.

chmod Command Syntax

Numeric mode sets all permissions at once:

chmod 755 script.sh        # rwxr-xr-x
chmod 644 config.json      # rw-r--r--
chmod 600 id_rsa           # rw-------
chmod -R 755 /var/www/html # Recursive

Symbolic mode modifies specific permissions:

chmod u+x script.sh        # Add execute for owner
chmod g-w file.txt         # Remove write from group
chmod o+r file.txt         # Add read for others
chmod a+x script.sh        # Add execute for all (a = all)
chmod u=rwx,go=rx dir/     # Set owner=rwx, group+others=rx

Practical Examples

# Web server setup
chmod 755 /var/www/html
chmod 644 /var/www/html/index.html
chmod 644 /var/www/html/style.css

# SSH key permissions
chmod 700 ~/.ssh
chmod 600 ~/.ssh/id_rsa
chmod 644 ~/.ssh/id_rsa.pub
chmod 600 ~/.ssh/authorized_keys

# Script permissions
chmod +x deploy.sh
chmod 755 /usr/local/bin/my-tool

# Docker volume permissions
chmod -R 777 /tmp/build    # Temporary build dir only!

Special Permissions: SUID, SGID, Sticky Bit

SUID (4xxx)

SUID (4xxx) β€” Run file as the file owner. Example: /usr/bin/passwd runs as root.

chmod 4755 /usr/bin/passwd
SGID (2xxx)

SGID (2xxx) β€” Run file as the file group, or new files in directory inherit group.

chmod 2755 /shared/project
Sticky Bit (1xxx)

Sticky Bit (1xxx) β€” Only file owner can delete files in directory. Example: /tmp.

chmod 1777 /tmp

Common Mistakes and Security Tips

  • Never use chmod 777 in production β€” it gives everyone full access.
  • SSH keys must be 600 or 400 β€” SSH refuses to use keys with group/other access.
  • Web server files should be 644 (files) and 755 (directories).
  • Use chmod -R carefully β€” recursive changes can break things.
  • Check permissions with ls -la before and after changes.

Try our interactive Chmod Calculator

Chmod Calculator β†’

FAQ

What does chmod 777 mean?

chmod 777 gives read (4), write (2), and execute (1) permissions to the owner, group, and others β€” total access for everyone. This is a security risk and should be avoided in production.

What is the difference between 755 and 644?

755 allows the owner full access and others read+execute (used for directories and scripts). 644 allows the owner read+write and others read-only (used for regular files).

Why does SSH reject my key file?

SSH requires private key files to have permissions 600 or stricter. Run: chmod 600 ~/.ssh/id_rsa

What is the sticky bit?

The sticky bit (chmod 1xxx or chmod +t) prevents users from deleting files they do not own in a shared directory. The /tmp directory uses this.

How do I check current file permissions?

Run ls -la to see permissions in rwx format. The first column shows the permission string like -rwxr-xr-x (which equals 755).

𝕏 Twitterin LinkedIn
Was dit nuttig?

Blijf op de hoogte

Ontvang wekelijkse dev-tips en nieuwe tools.

Geen spam. Altijd opzegbaar.

Try These Related Tools

πŸ”Chmod Calculator.ht.htaccess GeneratorπŸ”‘Password Generator

Related Articles

Git Commands Cheat Sheet: EssentiΓ«le commando's voor elke developer

Compleet Git-commando's cheatsheet: setup, branching, merging, rebasing, stashing en geavanceerde workflows.

Linux chmod, chown en chgrp: Bestandsrechten Gids

Complete gids voor Linux bestandsrechten: chmod, chown, chgrp en speciale rechten.