Comments on: File Permissions http://nixshell.wordpress.com/2007/01/25/file-permissions/ UNIX / Linux Shell Hints and Tips      (a http://steve-parker.org/sh/sh.shtml subproject) Sun, 31 Mar 2013 18:54:44 +0000 hourly 1 http://wordpress.com/ By: unixshell http://nixshell.wordpress.com/2007/01/25/file-permissions/#comment-12 Sun, 11 Feb 2007 21:24:31 +0000 http://nixshell.wordpress.com/2007/01/25/file-permissions/#comment-12 Absolutely. The sticky bit on a directory (nomally used in /tmp): chmod 1777 /tmp or chmod a+t /tmp
This means that files within that directory can be deleted or renamed only by their owner. /tmp is usually 1777 (-rwxrwxrwt) so that anybody can write there, but they can’t rename or delete other users’ files.

The phrase “sticky bit” when talking about a file can mean one two things; on older UNIX systems it meant that the file should not be swapped out of RAM. On modern systems (such as Linux) it refers to the “chmod u+s” syntax, which tells the system that, although the file has been run by (say, a normal user called “steve”), because it is (a) owned by (typically) root and has the sticky bit set (-rwxr-sr-x), then it will actually be executed with root permissions. This is one reason why you can’t “donate” your files to another user: “steve$ chown root myfile” because it could be used to escalate your privileges. With this mechanism, root must explicitly set the sticky bit on specific (trusted) binaries. The sticky bit can’t be set on shell scripts.

]]> By: mafr http://nixshell.wordpress.com/2007/01/25/file-permissions/#comment-11 Sun, 11 Feb 2007 15:12:13 +0000 http://nixshell.wordpress.com/2007/01/25/file-permissions/#comment-11 The real magic begins with things like the sticky bit (“chmod 1777 directory”) or the setuid and setgid bits :)

]]>