LiveFire Labs - Online UNIX Training - Company Logo


Online UNIX Training with Hands-on Internet Lab


"Eliminate the expense and inconvenience of classroom training without eliminating the classroom experience."

 


Home
Internet Lab
Console Access
Sample Course

Student Login


LiveFire Labs' UNIX Tip, Trick, or Shell Script of the Week - View


Questions? Call
1.888.843.1637 or send us email





September 22, 2003 - Special Purpose Access Modes (Permissions) - Part III - The Sticky Bit

This week's tip will conclude our series on the special purpose access modes (permissions).  SUID (set user ID) was covered the first week, SGID (set group ID) last week, and the sticky bit is the topic of this week's tip.

Historically, the sticky bit was applied to an executable program to instruct the operating system to keep it loaded in memory even after the process that was using it had exited.  This was set on large programs that were frequently used to increase system performance, but is not necessary today due to modern virtual memory techniques.  Even though it's not often used in this manner today, it can be used to create an additional layer of security on directories.

Normally, when a directory has write permission enabled for a user, that user may add and delete files from it.  If the sticky bit is set on a directory, files in it may only be deleted if the user is...

· the owner of the directory
· the owner of the file
· root (superuser)
This functionality is useful when a group of users need to have the ability to create and modify files in a shared directory, but need to be prevented from deleting each other's files.  A system-level example of this is the /tmp directory:

drwxrwxrwt     4 root     sys          188 Sep 20 15:22 tmp

When looking at this output, the "t" in the third position of the other permission set should stand out from the basic file access modes (read, write, and execute).  This indicates that the sticky bit has been set on /tmp, and all system users can create, modify, and delete their own files in this directory, but are not permitted to delete files created by other users.

Using chmod, there are two methods for enabling the sticky bit on a directory.  In symbolic mode, the format would be:


chmod u+t <directory>

See if you are able to figure out how to enable the sticky bit on a directory using absolute mode (Hint: man chmod).




Learn more...
  

If you are new to the UNIX or Linux operating system and would like to learn more, you may want to consider registering for LiveFire Labs' UNIX and Linux Operating System Fundamentals online training course.

Our innovative hands-on training model allows you to learn UNIX by completing hands-on exercises on real servers in our Internet Lab.


More Tips...

· 
Popular UNIX Tips from the Past

spacer Box Border
 

Receive the UNIX Tip, Trick, or Shell Script of the Week by Email


First Name:


Email Address:






   1.888.843.1637

Home - Contact us - Company info - Privacy Statement   

 
©2002-2003 LiveFire Labs.  All rights reserved.
Linux® is a registered trademark of Linus Torvalds, author and developer of this public domain operating system.
UNIX® is a registered trademark of The Open Group in the United States and other countries.