You will see 755 constantly — on shell scripts, on web directories, and in nearly every deployment guide. It is the mode most tutorials reach for when something needs to be runnable or browsable by everyone, and for those cases it is exactly right. This guide breaks down what the number actually controls and when it is the correct choice.
chmod 755 means rwxr-xr-x. The owner gets full access (7 = read+write+execute), the group gets read+execute (5 = read+execute), and others get the same as the group (5). Use it for directories, shell scripts, and web server executables.
Need to calculate or convert a chmod mode?
Open Chmod Calculator →How 755 is calculated
rwxr-xr-x — owner full (7), group and others read + execute (5). Green = granted, gray = denied.Unix permissions are stored as three octal digits, one for each class: owner, group, and others. Each digit is the sum of three permission bits:
- Read (r) = 4
- Write (w) = 2
- Execute (x) = 1
For chmod 755:
Owner: 7 = 4 (read) + 2 (write) + 1 (execute) = rwx
Group: 5 = 4 (read) + 0 + 1 (execute) = r-x
Others: 5 = 4 (read) + 0 + 1 (execute) = r-x
Result: rwxr-xr-xThe missing write bit in group and others is shown as a dash (-), giving the full symbolic string rwxr-xr-x.
Reading rwxr-xr-x character by character
When you run ls -l, the permission string has 10 characters. The first is the file type (- for a regular file, d for a directory). The remaining 9 are three groups of three:
- rwx r-x r-x
^ ^ ^ ^
| | | others (r-x = read + execute)
| | group (r-x = read + execute)
| owner (rwx = read + write + execute)
file type (- = regular file, d = directory)When to use chmod 755
Directories
Directories almost always need the execute bit set — without it, no one (not even the owner of a file inside) can enter the directory with cd or access its contents. 755 is the correct default for any directory that should be publicly accessible:
- Web server document roots (
/var/www/html) - Application directories that multiple users need to read
- Shared project directories
Executable files
Shell scripts, CLI tools, and compiled binaries that anyone should be able to run belong at 755:
- Deploy scripts (
deploy.sh) - Cron job scripts
- System-wide CLI tools installed in
/usr/local/bin
What 755 is not for
Do not use 755 on files containing sensitive data. For private keys, .env files, or any file that should only be read by the owner, use chmod 600 instead.
Shell examples
# Set a script to be executable by everyone
chmod 755 deploy.sh
# Set a directory to be publicly accessible
chmod 755 /var/www/html
# Recursively set all directories to 755 (files stay as-is)
find /var/www -type d -exec chmod 755 {} \;
# Verify the result
ls -l deploy.sh
# -rwxr-xr-x 1 user group 1234 Jun 17 deploy.shRecursive 755 — the safe way
Running chmod -R 755 /var/www sets 755 on both files and directories. That is usually fine for a web root, but be aware it makes every file executable, which is unnecessary for plain HTML, CSS, and PHP files. The more precise approach is to set directories to 755 and regular files to 644 separately:
find /var/www -type d -exec chmod 755 {} \;
find /var/www -type f -exec chmod 644 {} \;chmod 755 vs other common modes
| Mode | Symbolic | Owner | Group | Others | Typical use |
|---|---|---|---|---|---|
| 755 | rwxr-xr-x | rwx | r-x | r-x | Directories, scripts, executables |
| 644 | rw-r--r-- | rw- | r-- | r-- | Web files, config files |
| 700 | rwx------ | rwx | --- | --- | Private directories (~/.ssh) |
| 600 | rw------- | rw- | --- | --- | SSH keys, .env files |
| 777 | rwxrwxrwx | rwx | rwx | rwx | Avoid — world-writable security risk |
Frequently Asked Questions
What does chmod 755 mean?
chmod 755 sets the permission rwxr-xr-x. The owner gets full read, write, and execute (7 = 4+2+1). The group and others each get read and execute only (5 = 4+1). It is the standard permission for directories and executable scripts.
Should directories be 755 or 644?
Directories should be 755 (or at minimum 711). The execute bit on a directory means "permission to enter" — without it, no one can cd into the directory or access files inside it, even if the files themselves have open permissions. Regular non-executable files should be 644.
Is chmod 755 safe?
Yes, for directories and executable scripts, 755 is safe and is the recommended default on most Linux systems. It allows everyone to read and execute, but only the owner to write or modify the file. Do not apply 755 to files containing private data — use chmod 600 for secrets.
What is the difference between chmod 755 and chmod 777?
chmod 777 gives everyone (owner, group, and all other users) full read, write, and execute. chmod 755 only gives the owner write access. On a web server, a world-writable file (777) means a compromised web process can overwrite or replace it. 777 is almost always a security risk; 755 is the safe alternative for executables and directories.
How do I check the current permissions of a file?
Run ls -l filename to see the symbolic string (e.g. -rwxr-xr-x). Run stat filename for detailed info including the octal mode. On Linux you can also run stat -c '%a %n' filename to print just the octal value and filename.
Calculate any chmod permission instantly
Open Chmod Calculator →Related permission guides
- chmod 644 explained — the standard for web files and config files
- chmod 777: why it's a security risk — and what to use instead
- chmod 600 for SSH keys and .env files
- chmod 775 for Laravel and WordPress directories