diff --git a/CHANGELOG.md b/CHANGELOG.md
index ec79b05..bfa1f4e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,11 @@ The format is based on [Keep a
 Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to
 the [PEP 440 version scheme](https://peps.python.org/pep-0440/#version-scheme).
 
+## [Unreleased]
+### Added
+- ILinuxAgentCommandBuilder.build_set_permissions_command().
+  https://github.com/guardicore/monkey/issues/4187
+
 ## [v0.8.0] - 2024-06-10
 ### Changed
 - `ReservationID` from a UUID to a string.
diff --git a/agentpluginapi/__init__.py b/agentpluginapi/__init__.py
index 74c2328..7cb76d9 100644
--- a/agentpluginapi/__init__.py
+++ b/agentpluginapi/__init__.py
@@ -16,6 +16,7 @@
     LinuxDownloadMethod,
     LinuxDownloadOptions,
     LinuxRunOptions,
+    LinuxSetPermissionsOptions,
 )
 from .i_propagation_credentials_repository import IPropagationCredentialsRepository
 from .i_tcp_port_selector import ITCPPortSelector
diff --git a/agentpluginapi/i_linux_agent_command_builder.py b/agentpluginapi/i_linux_agent_command_builder.py
index ece057a..032b78b 100644
--- a/agentpluginapi/i_linux_agent_command_builder.py
+++ b/agentpluginapi/i_linux_agent_command_builder.py
@@ -4,7 +4,7 @@
 from typing import Optional
 
 from monkeytypes import InfectionMonkeyBaseModel
-from pydantic import model_validator
+from pydantic import Field, model_validator
 
 from .dropper_execution_mode import DropperExecutionMode
 
@@ -20,6 +20,11 @@ class LinuxDownloadOptions(InfectionMonkeyBaseModel):
     download_url: str
 
 
+class LinuxSetPermissionsOptions(InfectionMonkeyBaseModel):
+    agent_destination_path: PurePosixPath
+    permissions: int = Field(ge=0, le=0o777, default=0o700)
+
+
 class LinuxRunOptions(InfectionMonkeyBaseModel):
     agent_destination_path: PurePosixPath
     dropper_execution_mode: DropperExecutionMode
@@ -47,6 +52,14 @@ def build_download_command(self, download_options: LinuxDownloadOptions):
         :param download_options: Options needed for the command to be built
         """
 
+    @abc.abstractmethod
+    def build_set_permissions_command(self, set_permissions_options: LinuxSetPermissionsOptions):
+        """
+        Build Agent's binary permission change command
+
+        :param set_permissions_options: Options needed for the command to be built
+        """
+
     @abc.abstractmethod
     def build_run_command(self, run_options: LinuxRunOptions):
         """
@@ -61,7 +74,7 @@ def get_command(self) -> str:
         Gets the resulting command
         """
 
-    @abc.abstractclassmethod
+    @abc.abstractmethod
     def reset_command(self):
         """
         Resets the command
diff --git a/agentpluginapi/i_windows_agent_command_builder.py b/agentpluginapi/i_windows_agent_command_builder.py
index 8f53d7b..f7ad408 100644
--- a/agentpluginapi/i_windows_agent_command_builder.py
+++ b/agentpluginapi/i_windows_agent_command_builder.py
@@ -67,7 +67,7 @@ def get_command(self) -> str:
         Gets the resulting command
         """
 
-    @abc.abstractclassmethod
+    @abc.abstractmethod
     def reset_command(self):
         """
         Resets the command
diff --git a/tests/test_i_linux_agent_command_builder.py b/tests/test_i_linux_agent_command_builder.py
index 626e383..2eba631 100644
--- a/tests/test_i_linux_agent_command_builder.py
+++ b/tests/test_i_linux_agent_command_builder.py
@@ -2,7 +2,7 @@
 
 import pytest
 
-from agentpluginapi import DropperExecutionMode, LinuxRunOptions
+from agentpluginapi import DropperExecutionMode, LinuxRunOptions, LinuxSetPermissionsOptions
 
 
 @pytest.mark.parametrize(
@@ -15,3 +15,12 @@ def test_linux_run_options(dropper_execution_mode: DropperExecutionMode):
             dropper_execution_mode=dropper_execution_mode,
             dropper_destination_path=PurePosixPath("/tmp/dropper"),
         )
+
+
+@pytest.mark.parametrize("permissions", [0o1000, -0o1])
+def test_linux_permissions_options(permissions: int):
+    with pytest.raises(ValueError):
+        LinuxSetPermissionsOptions(
+            agent_destination_path=PurePosixPath("/tmp/agent"),
+            permissions=permissions,
+        )
diff --git a/vulture_allowlist.py b/vulture_allowlist.py
index 4f111c9..80e1eae 100644
--- a/vulture_allowlist.py
+++ b/vulture_allowlist.py
@@ -29,6 +29,7 @@
     WindowsRunOptions,
     WindowsShell,
 )
+from agentpluginapi.i_linux_agent_command_builder import LinuxSetPermissionsOptions
 
 IAgentEventPublisher.publish
 IAgentEventPublisher.event
@@ -126,6 +127,8 @@
 LinuxDownloadOptions.download_url
 LinuxDownloadOptions.download_method
 
+LinuxSetPermissionsOptions.file_path
+LinuxSetPermissionsOptions.permissions
 
 LinuxRunOptions.agent_destination_path
 LinuxRunOptions.dropper_destination_path
@@ -134,6 +137,8 @@
 
 ILinuxAgentCommandBuilder.build_download_command
 ILinuxAgentCommandBuilder.build_run_command
+ILinuxAgentCommandBuilder.build_set_permissions_command
+ILinuxAgentCommandBuilder.set_permissions_options
 ILinuxAgentCommandBuilder.get_command
 ILinuxAgentCommandBuilder.reset_command
 ILinuxAgentCommandBuilder.download_options