Linux File Permissions Cheatsheet
Master Linux file permissions with comprehensive coverage of file types, permission modes (rwx), numeric notation, chmod/chown commands, and common permission patterns.
Understanding file permissions is crucial for VPS security. Use our performance dashboard to track server metrics, explore secure VPS providers, and compare security features across different hosting options.
Free account required
Permission Format
View file permissions using the ls -la command. Learn more in our Linux Commands cheatsheet.
-rwxr-xr-- file.txtTable of Contents
File Types
The first character in the permission string indicates the file type. For deeper understanding of Linux file systems, see our Linux Filesystem cheatsheet.
Regular File
Normal files containing data (text, binary, images, etc.)
Directory
A folder containing files and other directories
Symbolic Link
A link pointing to another file or directory (similar to shortcuts)
Block Device
Block-oriented devices (hard drives, USB drives, etc.)
Character Device
Character-oriented devices (terminals, serial ports, etc.)
Named Pipe (FIFO)
Special file for inter-process communication
Socket
Special file used for inter-process communication
Permission Modes
File permissions are grouped into three categories: Owner, Group, and Others. Each can have Read, Write, and Execute permissions.
Permission Letters
View file contents or list directory contents
Modify file contents or add/remove files in directory
Run file as program or access directory
Permission Groups
The user who owns the file
Users who are members of the file's group
All other users on the system
Example Breakdown
-rwxr-xr-- 1 user group 1234 Jan 10 12:00 file.txtNumeric Notation (Octal)
Permissions can be represented as three-digit octal numbers, where each digit is the sum of its permission values.
Permission Values
Common Numeric Permissions
Example
5 (Group): Read, Execute
4 (Others): Read only
chmod Commands
The chmod command changes file permissions. You can use symbolic or numeric notation. For security-focused examples, check our Linux Hardening cheatsheet.
Symbolic Mode
Give owner execute permission
$ chmod u+x file.txtRemove write permission from group
$ chmod g-w file.txtAdd read permission for others
$ chmod o+r file.txtSet exact permissions for all
$ chmod a=rx file.txtMultiple changes at once
$ chmod u+x,g-w,o-r file.txtu = user/owner,
g = group,
o = others,
a = all+ = add permission,
- = remove permission,
= = set exact permission
Numeric Mode
Set permissions to 755 (rwxr-xr-x)
$ chmod 755 file.txtSet permissions to 644 (rw-r--r--)
$ chmod 644 file.txtSet permissions to 600 (rw-------)
$ chmod 600 file.txtSet permissions to 777 (rwxrwxrwx)
$ chmod 777 file.txtRecursive Changes
Change permissions recursively for directory
$ chmod -R 755 /path/to/directoryMake all files readable by everyone
$ chmod -R a+r /path/to/directorychown Commands
The chown command changes file ownership (user and group).
Change owner only
$ chown username file.txtChange owner and group
$ chown username:groupname file.txtChange group only
$ chown :groupname file.txtOr use chgrp groupname file.txt
Change ownership recursively
$ chown -R username:groupname /path/to/directoryCopy ownership from another file
$ chown --reference=ref_file.txt target_file.txtChange ownership with verbose output
$ chown -v username file.txtchown command typically requires root privileges (sudo).
Common Permission Patterns
Here are the most commonly used permission combinations for different use cases:
Directories & Executable Scripts
Owner can read, write, execute. Group and others can read and execute. Perfect for directories and scripts.
Regular Files
Owner can read and write. Group and others can only read. Standard for text files, HTML, CSS, etc.
Private Files
Only owner can read and write. Used for sensitive files like SSH keys, configuration files with passwords. Learn more about securing SSH in our OpenSSH Server Hardening guide.
Private Directories & Scripts
Only owner can read, write, and execute. Used for private scripts and personal directories.
Shared Writable Files
Everyone can read and write. Use with caution. Good for temp files or collaboration spaces.
All Permissions
Everyone can read, write, and execute. Avoid using this! Major security risk except for very specific temporary testing.
Read-Only Files
Everyone can read, nobody can write. Good for protecting important files from accidental modification.
Security Best Practices
- • Use 755 for directories and executable scripts
- • Use 644 for regular files (HTML, CSS, images)
- • Use 600 for sensitive files (SSH keys, config with passwords)
- • Avoid 777 - it's a major security vulnerability
- • Never use 666 or 777 in production environments
- • Regularly audit file permissions with
ls -la
For comprehensive server security practices, see our Linux Hardening and OpenSSH Hardening guides.
Related Cheatsheets
Expand your Linux system administration knowledge with these related guides:
Linux Commands
Master essential commands like ls, chmod, and file operations
Linux Filesystem
Understand file types, directory structure, and filesystem hierarchy
Linux Hardening
Apply security best practices including proper file permission configurations
OpenSSH Server Hardening
Secure SSH keys with 600 permissions and harden your SSH configuration
Secure Your VPS Deployment
Proper file permissions are crucial for VPS security. Find reliable VPS providers with excellent security features and performance benchmarks.
Use our performance dashboard to monitor server metrics, compare VPS providers for security features, and explore our server tools for diagnostics.
Need help? Contact us | About VPSMetrics | Privacy Policy