The sticky bit is an access-right flag that can be assigned to files and directories on Unix systems.
When the sticky bit is set, only the item's owner, the directory's owner, or the superuser can rename or delete files. Without the sticky bit set, any user with write and execute permissions for the directory can rename or delete contained files, regardless of owner.
Typically this is set on the /tmp directory to prevent ordinary users from deleting or moving other users' files.
The sticky bit can be set with the chmod command, using either its octal mode 1000 or its symbol t.
For example, to add the bit on the directory /usr/local/tmp, one would type
chmod +t /usr/local/tmp
Or, to make sure that directory has standard tmp permissions, one could also type
chmod 1777 /usr/local/tmp
In Unix symbolic file system permission notation, the sticky bit is represented by the letter t in the final character-place.
$ ls -ld /tmp
drwxrwxrwt 4 root sys 485 Nov 10 06:01 /tmp
If the sticky bit is set on a file or directory without the execution bit set for the others category (non-user-owner and non-group-owner), it is indicated with a capital T:
# ls -l test
-rw-r--r-- 1 root other 0 Nov 10 12:57 test
# chmod +t test; ls -l test
-rw-r--r-T 1 root other 0 Nov 10 12:57 test
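As an added example (not part of the original post), the shell functions below audit a directory tree for world-writable directories that lack the sticky bit and read back the t/T flag that ls shows. The names find_unsticky, sticky_flag and make_sample are made up for this example, and the sample tree is constructed so it runs offline.

```shell
#!/bin/sh
# Added example; helper names are hypothetical, not standard commands.

# List directories under $1 that any user can write to but that lack
# the sticky bit, i.e. where users can delete each other's files.
find_unsticky() {
    # -perm -0002   : the "others" write bit is set
    # ! -perm -1000 : the sticky bit is NOT set
    find "$1" -type d -perm -0002 ! -perm -1000 2>/dev/null
}

# Print the final character of the symbolic mode for $1:
# t (sticky + others-execute), T (sticky, no others-execute), x or -.
sticky_flag() {
    ls -ld "$1" | cut -c10
}

# Build a constructed sample tree and print its path.
make_sample() {
    d=$(mktemp -d) || return 1
    mkdir "$d/shared_open" "$d/shared_sticky" "$d/private"
    chmod 0777 "$d/shared_open"     # world-writable, no sticky bit
    chmod 1777 "$d/shared_sticky"   # standard tmp permissions
    chmod 0755 "$d/private"         # not world-writable
    echo "$d"
}

# Demo: only shared_open should be reported.
sample=$(make_sample)
echo "World-writable directories without the sticky bit:"
find_unsticky "$sample"
echo "Flag on shared_sticky: $(sticky_flag "$sample/shared_sticky")"
rm -rf "$sample"
```

On a real system the same find expression can be pointed at / or at a mount point; any directory it reports is a candidate for chmod +t.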