File System Permissions

Unix-based Systems

-: doesn’t allow
r: allows read
w: allows write
x: allows execute, or on directories, allows access to contents

Number Permission Symbolic Notation
0 None
1 Execute only –x
2 Write only -w-
3 Execute and write (1 + 2 = 3) -wx
4 Read only r–
5 Read and execute (4 + 1 = 5) r-x
6 Read and write (4 + 2 = 6) rw-
7 Read, write, and execute (4 + 2 + 1 = 7) rwx 

owner group others
read r – – r – – r – –
write – w – – w – – w –
execute – – x  – – x  – – x 

Symbolic Notation Numeric Notation English
---------- 0000 no permissions
-rwx------ 0700 read, write, & execute only for owner
-rwxrwx--- 0770 read, write, & execute for owner and group
-rwxrwxrwx 0777 read, write, & execute for owner, group and others SECURITY RISK
---x--x--x 0111 execute
--w--w--w- 0222 write
--wx-wx-wx 0333 write & execute
-r--r--r-- 0444 read
-r-xr-xr-x 0555 read & execute
-rw-rw-rw- 0666 read & write
-rwxr----- 0740 owner can read, write, & execute; group can only read; others have no permissions

Directory and File Permissions


Permissions Directory File
Most secure 755 644
Least secure 777 666

Directories need to allow for access to their contents, so for each scope (owner, group, world), directory permissions will nearly always be one of the execute permissions: 1, 3, 5, or 7.


In a web application, no files themselves need execute privileges because the web server is controlling the process that actually executes the PHP. So the typical options will be 4 or 6.


Usually only the owner needs write permissions, and group/world just need read.