diff --git a/server/internal/command/appcmd/resource.go b/server/internal/command/appcmd/resource.go
index 505767b2..3fd42783 100644
--- a/server/internal/command/appcmd/resource.go
+++ b/server/internal/command/appcmd/resource.go
@@ -25,7 +25,7 @@ func setupResourceCommand() *cobra.Command {
 		setupResourceMkdirCommand(),
 		setupResourceRmCommand(),
 		setupResourceLsCommand(),
-		setupResourceChownCommand(),
+		setupResourceChpermCommand(),
 	}...)
 	return cmd
 }
@@ -103,8 +103,8 @@ func setupResourceRmCommand() *cobra.Command {
 }
 
 func setupResourceLsCommand() *cobra.Command {
-	details := func(r core.Resource, name string) string {
-		return fmt.Sprintf("%s %4d %s", r.ID().String(), r.Permission(), name)
+	details := func(r core.Resource) string {
+		return fmt.Sprintf("%s %4d %s", r.ID().String(), r.Permission(), r.Name())
 	}
 	cmd := cobra.Command{
 		Use:   "ls <path | uuid>",
@@ -141,17 +141,19 @@ func setupResourceLsCommand() *cobra.Command {
 				}
 			}
 
+			logrus.Info("Name: " + r.Name())
+			logrus.Info("  ID: " + r.ID().String())
+			logrus.Info("Perm: " + core.PermissionString(r.Permission()))
 			if r.IsDir() {
 				children, err := fs.ReadDir(r)
 				if err != nil {
 					logrus.Fatal(err)
 				}
-				logrus.Info(details(r, "."))
+				logrus.Info("")
+				logrus.Info("Children:")
 				for _, c := range children {
-					logrus.Info(details(c, c.Name()))
+					logrus.Info(details(c))
 				}
-			} else {
-				logrus.Info(details(r, r.Name()))
 			}
 		},
 	}
@@ -160,25 +162,24 @@ func setupResourceLsCommand() *cobra.Command {
 	return &cmd
 }
 
-func setupResourceChownCommand() *cobra.Command {
+func setupResourceChpermCommand() *cobra.Command {
 	cmd := cobra.Command{
-		Use:   "chown user <path | uuid>",
-		Short: "Change Resource Owner",
-		Args:  cobra.ExactArgs(2),
+		Use:   "chperm user <path | uuid> [ none | read | write | share ]",
+		Short: "Change Resource Permissions",
+		Args:  cobra.ExactArgs(3),
 		PreRun: func(cmd *cobra.Command, args []string) {
 			openFileSystemFromFlags(cmd)
 		},
 		Run: func(cmd *cobra.Command, args []string) {
-			username := args[0]
-			path := args[1]
-			var owner int32
-			if user, err := core.Default.UserByUsername(context.Background(), username); err != nil {
+			var user int32
+			if u, err := core.Default.UserByUsername(context.Background(), args[0]); err != nil {
 				logrus.Fatal(err)
 			} else {
-				owner = user.ID()
+				user = u.ID()
 			}
 
 			var r core.Resource
+			path := args[1]
 			if path[0] != '/' {
 				var id uuid.UUID
 				var err error
@@ -203,24 +204,25 @@ func setupResourceChownCommand() *cobra.Command {
 					}
 				}
 			}
-			if err := fs.UpdateOwner(r, owner); err != nil {
-				logrus.Fatal(err)
+
+			permission := core.PermissionNone
+			switch args[2] {
+			case "none":
+			case "read":
+				permission = core.PermissionReadOnly
+			case "write":
+				permission = core.PermissionReadWrite
+			case "share":
+				permission = core.PermissionReadWriteShare
+			default:
+				logrus.Fatal("Unrecognized premission: " + args[2])
 			}
 
-			// if r.IsDir() {
-			// 	if recursive, err := cmd.Flags().GetBool("recursive"); err != nil {
-			// 		logrus.Fatal("Must use -r to delete collections")
-			// 	} else {
-			// 		if recursive {
-			// 		} else {
-			// 		}
-			// 	}
-			// }
-
+			if err := fs.UpdatePermissions(r, user, permission); err != nil {
+				logrus.Fatal(err)
+			}
 		},
 	}
-	// flags := cmd.Flags()
-	// flags.BoolP("recursive", "r", false, "Recursively change ownership")
 	setupUsernameFlags(&cmd)
 
 	return &cmd
@@ -228,18 +230,7 @@ func setupResourceChownCommand() *cobra.Command {
 
 func openFileSystemFromFlags(cmd *cobra.Command) {
 	var user core.User
-	if value, err := cmd.Flags().GetInt32("user"); err != nil {
-		logrus.Fatal(err)
-	} else if value != 0 {
-		if user, err := core.Default.UserByID(context.Background(), value); err != nil {
-			logrus.Fatal(err)
-		} else {
-			user = user
-			return
-		}
-	}
-
-	if value, err := cmd.Flags().GetString("username"); err != nil {
+	if value, err := cmd.Flags().GetString("user"); err != nil {
 		logrus.Fatal(err)
 	} else {
 		if u, err := core.Default.UserByUsername(context.Background(), value); err != nil {
@@ -259,7 +250,6 @@ func openFileSystemFromFlags(cmd *cobra.Command) {
 
 func setupUsernameFlags(cmd *cobra.Command) {
 	flags := cmd.Flags()
-	flags.Int32P("user", "u", 0, "Specify User ID for resource operations (cannot be used with -U)")
-	flags.StringP("username", "U", "phylum", "Specify Username for resource operations (cannot be used with -u)")
+	flags.StringP("user", "u", "phylum", "Specify Username for resource operations (cannot be used with -u)")
 
 }
diff --git a/server/internal/core/app.go b/server/internal/core/app.go
index 1dc6e9e1..28c02029 100644
--- a/server/internal/core/app.go
+++ b/server/internal/core/app.go
@@ -78,7 +78,7 @@ func (a *App) populateData(ctx context.Context) (user db.User, e error) {
 		userHome, err := dbh.CreateResource(ctx, db.CreateResourceParams{
 			ID:     uuid.New(),
 			Parent: &home.ID,
-			Name:   user.Username,
+			Name:   defaultUserName,
 			Dir:    true,
 		})
 		if err != nil {
@@ -97,6 +97,15 @@ func (a *App) populateData(ctx context.Context) (user db.User, e error) {
 			return err
 		}
 
+		dbh.UpdatePermissionsForResource(ctx, db.UpdatePermissionsForResourceParams{
+			ResourceID: root.ID,
+			UserID:     user.ID,
+			Permission: PermissionReadWriteShare,
+		})
+		if err != nil {
+			return err
+		}
+
 		return err
 	})
 	return
diff --git a/server/internal/core/filesystem.go b/server/internal/core/filesystem.go
index 776e7080..2f09a212 100644
--- a/server/internal/core/filesystem.go
+++ b/server/internal/core/filesystem.go
@@ -27,7 +27,7 @@ type FileSystem interface {
 	DeleteRecursive(r Resource, hardDelete bool) error
 	UpdateName(r Resource, name string) error
 	UpdateParent(r Resource, parent uuid.UUID) error
-	UpdatePermissions(r Resource, userID int32, permission int32) error
+	UpdatePermissions(r Resource, userID int32, permission Permission) error
 }
 
 type filesystem struct {
@@ -285,12 +285,12 @@ func (f filesystem) UpdateParent(r Resource, parent uuid.UUID) error {
 	return f.db.UpdateResourceParent(f.ctx, db.UpdateResourceParentParams{ID: r.ID(), Parent: parent})
 }
 
-func (f filesystem) UpdatePermissions(r Resource, userID int32, permission int32) error {
-	if r.Permission() < PermissionAdmin {
+func (f filesystem) UpdatePermissions(r Resource, userID int32, permission Permission) error {
+	if r.Permission() < PermissionReadWriteShare {
 		return ErrInsufficientPermissions
 	}
-	if permission > PermissionAdmin {
-		permission = PermissionAdmin
+	if permission > PermissionReadWriteShare {
+		permission = PermissionReadWriteShare
 	}
 
 	return f.db.UpdatePermissionsForResource(f.ctx, db.UpdatePermissionsForResourceParams{
diff --git a/server/internal/core/permission.go b/server/internal/core/permission.go
new file mode 100644
index 00000000..194a8ed5
--- /dev/null
+++ b/server/internal/core/permission.go
@@ -0,0 +1,26 @@
+package core
+
+import "fmt"
+
+type Permission = int32
+
+const (
+	PermissionNone           = Permission(0)
+	PermissionReadOnly       = Permission(3)
+	PermissionReadWrite      = Permission(31)
+	PermissionReadWriteShare = Permission(127)
+)
+
+func PermissionString(p Permission) string {
+	switch p {
+	case PermissionNone:
+		return "none"
+	case PermissionReadOnly:
+		return "read"
+	case PermissionReadWrite:
+		return "write"
+	case PermissionReadWriteShare:
+		return "share"
+	}
+	return fmt.Sprintf("Unknown Permission (%d)", p)
+}
diff --git a/server/internal/core/resource.go b/server/internal/core/resource.go
index d74bd470..3e4d2300 100644
--- a/server/internal/core/resource.go
+++ b/server/internal/core/resource.go
@@ -10,12 +10,6 @@ import (
 	"github.com/google/uuid"
 )
 
-const (
-	PermissionReadOnly  = 1
-	PermissionReadWrite = 3
-	PermissionAdmin     = 127
-)
-
 var (
 	ErrInsufficientPermissions    = errors.New("insufficient permissions")
 	ErrCannotGrantOwnerPermission = errors.New("cannot grant owner permission")
diff --git a/server/internal/core/user_manager.go b/server/internal/core/user_manager.go
index 144e9865..8f1d31b8 100644
--- a/server/internal/core/user_manager.go
+++ b/server/internal/core/user_manager.go
@@ -33,7 +33,7 @@ func (a App) CreateUser(ctx context.Context, username, displayName, password str
 			return err
 		} else if userHome, err := fs.CreateMemberResource(home, uuid.New(), username, true); err != nil {
 			return err
-		} else if err := fs.UpdatePermissions(userHome, u.ID, PermissionAdmin); err != nil {
+		} else if err := fs.UpdatePermissions(userHome, u.ID, PermissionReadWriteShare); err != nil {
 			return err
 		} else {
 			return d.UpdateUserHome(ctx, db.UpdateUserHomeParams{ID: u.ID, Home: userHome.ID()})