Chmod 440 Explained
Chmod 440: owner and group read-only, others no access. Used for sensitive configuration files shared with a service group.
Permission
440
r--r-----
chmod 440 filename
Permission Breakdown
| Role | Read (4) | Write (2) | Execute (1) | Octal | Meaning |
|---|---|---|---|---|---|
| Owner | r | - | - | 4 | read |
| Group | r | - | - | 4 | read |
| Others | - | - | - | 0 | no permissions |
Visual Permission Grid
Detailed Explanation
The permission 440 grants read-only access to the owner and group while blocking others completely.
Octal breakdown:
- 4 (Owner): read (4) only
- 4 (Group): read (4) only
- 0 (Others): no access
In symbolic notation this is r--r-----. The owner and group members can read the file but cannot modify or execute it. Others have no access.
This permission is used for sensitive read-only files that need to be accessed by a specific service or group of users. For example, a database password file might be owned by the administrator with the web server's group, both having read access. The read-only nature prevents accidental modifications, while blocking others prevents unauthorized access.
Use Case
Used for sensitive configuration files like /etc/sudoers.d/ entries, password files shared between an administrator and a service group, and read-only secrets.