
Re: sticky bit (was: RE: Permissions for /tmp)



Pollywog wrote:
  >
  >On 25-May-99 scratch wrote:
  >> On Tue, 25 May 1999, Pollywog wrote:
  >> 
  >>> Do you have the sticky bit set? Try it.
  >> 
  >> I've always wondered what the meaning of the sticky bit is. Does it have
  >> something to do with enforcing group ownership on files created, or am I
  >> way off here?
  >
  >The sticky bit (chmod +t) on a directory just makes it so that anyone can write
  >to that directory but not modify files they did not make.
  
Not quite.  It does mean that you cannot delete files that you do not own,
but you may still be able to alter them.

In order to delete any file, you need write permission on the directory it
is in.  If the sticky bit is set in the directory permissions, you also
need to own the file itself before you can delete it.  If the sticky bit is
not set, you can delete any file in the directory, provided that you have
write permission to the directory.  Let me say that again: with directory
write permission you can delete _any_ file in the directory, whatever that 
file's permissions may be.  This is very confusing for new Unix users; to
understand it, you should realise that inserting or deleting a file means 
writing in a directory, therefore it is covered by the directory's write 
permission.  Deleting a file means removing the link from the directory
without touching the file's contents; if there is another link to the file
in another directory, the file will continue to exist.  A file is removed
by the operating system only when the link count on its inode falls to 0.

Alterations to the file are covered by its own permissions.

olly@linda$ ls -la /tmp
total 184
drwxrwxrwt   7 root     root         3072 May 25 22:58 .
         ^
         |____ This t shows that /tmp has the sticky bit set...
drwxr-xr-x  23 root     root         1024 May 25 18:25 ..
-r--r--r--   1 root     root           11 May 25 15:32 .X0-lock
drwxrwxrwt   2 root     root         1024 May 25 15:32 .X11-unix

...therefore .X0-lock and .X11-unix can only be deleted by root, while 
.exmhaudit.1406 and junk can only be deleted by olly.

-rw-------   1 olly     olly          422 May 25 15:50 .exmhaudit.1406
-rw-rw-rw-   1 olly     olly            0 May 25 22:58 junk
             ^
             |____ This is the link count; for a file it shows how many hard 
links there are to it; for a directory, on some Unixes, it shows the number
of files in the directory - I don't know what it is showing on Linux (there
are 18 files and sub-directories in my /tmp rather than 7).

Anyone can alter junk, because it has write permission for all, but only
olly can alter .exmhaudit.1406. 

Without the sticky bit on /tmp, all the files could be deleted by anybody,
because /tmp has write permission for all.

-- 
Oliver Elphick                                Oliver.Elphick@lfix.co.uk
Isle of Wight                              http://www.lfix.co.uk/oliver
               PGP key from public servers; key ID 32B8FAA1
                 ========================================
     "And Jesus answering said unto them, They that are
      whole need not a physician; but they that are sick. I
      come not to call the righteous, but sinners to
      repentance."                     Luke 5:31,32



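Added example, not part of Oliver's message: a short Python script that models the rule he describes (unlinking a name needs write permission on the directory; with the sticky bit set you must additionally own the file; changing the contents is governed by the file's own bits) and checks it against the /tmp listing quoted in his mail. Two details go beyond the mail and are Linux behaviour added here: the directory must also grant search (x) permission, and the directory's owner may unlink a file in a sticky directory even without owning it. The hard-link part uses a throwaway temporary directory to show the link-count behaviour he explains.

```python
"""Sticky-bit and link-count rules, as an illustration of the mail above.

The ls -la lines are copied from the post; the rest is added example code,
not the author's.  Root is modelled as bypassing permission checks entirely.
"""
import os
import tempfile
from dataclasses import dataclass

# Constructed from the /tmp listing in the post ('t' = sticky bit set).
LS_OUTPUT = """\
total 184
drwxrwxrwt   7 root     root         3072 May 25 22:58 .
drwxr-xr-x  23 root     root         1024 May 25 18:25 ..
-r--r--r--   1 root     root           11 May 25 15:32 .X0-lock
drwxrwxrwt   2 root     root         1024 May 25 15:32 .X11-unix
-rw-------   1 olly     olly          422 May 25 15:50 .exmhaudit.1406
-rw-rw-rw-   1 olly     olly            0 May 25 22:58 junk
"""


@dataclass
class Entry:
    name: str
    mode: str        # 10-character ls mode string, e.g. 'drwxrwxrwt'
    nlink: int       # the link count column
    owner: str
    group: str

    @property
    def sticky(self) -> bool:
        # 't' (with x) or 'T' (without x) in the last position is the sticky bit
        return self.mode[9] in "tT"

    def has(self, user: str, groups, perm: str) -> bool:
        """Owner/group/other check for perm in 'r', 'w', 'x'."""
        if user == "root":
            return True
        idx = "rwx".index(perm)
        if user == self.owner:
            ch = self.mode[1 + idx]
        elif self.group in groups:
            ch = self.mode[4 + idx]
        else:
            ch = self.mode[7 + idx]
        # lower-case s/t in the x slot mean "x is set too"; S/T mean it is not
        return ch in "xst" if perm == "x" else ch == perm


def parse_ls(text: str) -> dict:
    """Turn `ls -la` output into {name: Entry}; skips the 'total' line."""
    entries = {}
    for line in text.splitlines():
        parts = line.split(None, 8)
        if len(parts) < 9:
            continue
        mode, nlink, owner, group, name = parts[0], int(parts[1]), parts[2], parts[3], parts[8]
        entries[name] = Entry(name, mode, nlink, owner, group)
    return entries


def can_unlink(directory: Entry, target: Entry, user: str, groups=frozenset()) -> bool:
    """Deleting a name is a write to the directory, not to the file."""
    if user == "root":
        return True
    # search permission on the directory is also needed (added; the post only
    # mentions write permission)
    if not (directory.has(user, groups, "w") and directory.has(user, groups, "x")):
        return False
    if directory.sticky:
        # the post: you must own the file.  Linux also lets the directory's
        # owner unlink it (added here, not from the post).
        return user in (target.owner, directory.owner)
    return True


def can_modify(target: Entry, user: str, groups=frozenset()) -> bool:
    """Altering contents is covered by the file's own permission bits."""
    return target.has(user, groups, "w")


def link_count_demo():
    """Deleting one name leaves the data reachable through another hard link;
    the inode is freed only when the count reaches 0.  Returns the nlink
    values seen and the data read back via the surviving name."""
    with tempfile.TemporaryDirectory() as d:
        a, b = os.path.join(d, "a"), os.path.join(d, "b")
        with open(a, "w") as f:
            f.write("still here")
        os.link(a, b)                        # second name, same inode
        counts = [os.stat(a).st_nlink]       # 2
        os.unlink(a)                         # remove one name only
        counts.append(os.stat(b).st_nlink)   # 1
        with open(b) as f:
            return counts, f.read()


if __name__ == "__main__":
    entries = parse_ls(LS_OUTPUT)
    tmp = entries["."]
    for name in (".X0-lock", ".X11-unix", ".exmhaudit.1406", "junk"):
        e = entries[name]
        print(f"{name:16} olly delete={can_unlink(tmp, e, 'olly', {'olly'})!s:5} "
              f"olly alter={can_modify(e, 'olly', {'olly'})!s:5} "
              f"nobody alter={can_modify(e, 'nobody', {'nogroup'})}")
    print("hard links:", link_count_demo())
```

Run it as a script to see, for each file in the quoted listing, who may delete it and who may alter it; clearing the 't' in the directory's mode string (drwxrwxrwx) makes every file deletable by anyone with write and search permission on /tmp, which is exactly the point of the mail.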