UNIX/Linux Forum Archives -> Protecting Files with the Sticky Bit

Protecting Files with the Sticky Bit

Track this topic | Email this topic | Print this topic

fishsponge

Posted: May 19 2003, 12:13 PM

Administrator

Group: Admin
Posts: 679
Member No.: 1
Joined: 13-February 03

Courtesy of Linux.OReillyNet.com
http://linux.oreillynet.com/pub/a/linux/lpt/22_06.html

Protecting Files with the Sticky Bit
by Jerry Peek
01/27/2000

Unix directory access permissions say that if a user has write permission on a directory, she can rename or remove files there–even files that don't belong to her. Many newer versions of Unix have a way to stop that. The owner of a directory can set its sticky bit. The only people who can rename or remove any file in that directory are the file's owner, the directory's owner, and the superuser.

Here's an example: the user jerry makes a world-writable directory and sets the sticky bit (shown as t here):

CODE

jerry% mkdir share
jerry% chmod 1777 share
jerry% ls -ld share
drwxrwxrwt 2 jerry ora 32 Nov 19 10:31 share

Other people create files in it. When jennifer tries to remove a file that belongs to ellie, she can't:

CODE

jennifer% ls -l
total 2
-rw-r--r-- 1 ellie ora 120 Nov 19 11:32 data.ellie
-rw-r--r-- 1 jennifer ora 3421 Nov 19 15:34 data.jennifer
-rw-r--r-- 1 peter ora 728 Nov 20 12:29 data.peter
jennifer% rm data.ellie
data.ellie: 644 mode ? y
rm: data.ellie not removed.
Permission denied

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members:

« Next Oldest | Tutorials & How-To's | Next Newest »

Close Topic Options

Track this topic
Receive email notification when a reply has been made to this topic and you are not active on the board.

Subscribe to this forum
Receive email notification when a new topic is posted in this forum and you are not active on the board.

Download / Print this Topic
Download this topic in different formats or view a printer friendly version.