What is Sticky Bit Permission in Linux

File security is essential in today’s information technology environment. Although many security features are enabled by default, data can still be stolen without your knowledge. The sticky bit is a useful feature: it prevents other users from renaming or deleting a file or directory even if they have full access to the directory. Only the root user or the user who owns the file or directory can delete or rename it.

Let me explain this with an example. I have a directory at /etc/mydir with full access, i.e. read, write and execute permission, for the group and other users, so its permissions are set to drwxrwxrwx.

Now all users and groups have full access to the directory /etc/mydir. I have two users named “user10” and “user20”. Since everybody has full permission on /etc/mydir, user10 changed to /etc/mydir and created a file named “myfile”, so the owner of the file “myfile” is user10.

Then user20 changed to /etc/mydir and decided to rename “myfile” (which is owned by user10). The file was renamed, while its owner and group names remained unchanged.

user20 can also delete the file (vasanth.com), which he does not own. We need a mechanism that prevents a user who doesn’t own the directory, or a file within the directory, from renaming or removing other users’ files, and this is where the sticky bit comes in.

A file or directory protected by the sticky bit can be moved or deleted only by root or by its owner; other users cannot do so even though they have full access.

Sticky bit can be assigned in two ways:

1) Numeric method

2) Symbolic method

In the numeric method you use the value 1, and in the symbolic method the option “t” is added to the “other” field.

Now I am going to set the sticky bit on the directory /etc/mydir, and let us do the same experiment once again.

#chmod o+t /etc/mydir
#ls -ld /etc/mydir

#su - user10
#cd /etc/mydir
#touch testfile

#su - user20
#cd /etc/mydir
#mv testfile vasanth.com
#rm -vf testfile

This time the sticky bit protects the file (testfile), which is owned by user10, from being deleted by another user (user20).

This is how the sticky bit works.
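
The following audit script is an added example and is not part of the original article. It finds directories that are in the same state as /etc/mydir before the sticky bit was set, that is, writable by "other" but without the sticky bit. The function names find_unprotected_dirs and check_dir are hypothetical.

```shell
#!/bin/sh
# Added example: audit for world-writable directories without the sticky bit.
# In such a directory any user can rename or delete files owned by others.
# Mode bits tested: 0002 = write permission for "other", 1000 = sticky bit.

# Print every directory under $1 (same filesystem only) that is
# world-writable but has no sticky bit set.
find_unprotected_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null
}

# Check a single directory without descending into it.
# Returns 0 if it is protected (or not world-writable), 1 otherwise.
check_dir() {
    hit=$(find "$1" -prune -type d -perm -0002 ! -perm -1000 -print 2>/dev/null)
    if [ -n "$hit" ]; then
        echo "UNPROTECTED $1 (fix with: chmod o+t $1)"
        return 1
    fi
    echo "OK $1"
    return 0
}

# When a path is given on the command line, audit that tree.
if [ "$#" -gt 0 ]; then
    find_unprotected_dirs "$1"
fi
```

Run it as root with a starting path such as / to list every directory that still needs chmod o+t.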

To remove the assigned sticky bit permission:

#chmod o-t /etc/mydir
#ls -ld /etc/mydir

In our next article, I will explain how to assign access control list permissions to a file.

About Author:

Hello readers! Let me introduce myself first. My name is Vasanth Nirmal Singh J S, and I have 9+ years of experience in IT on all flavours of Unix operating systems, storage and many more. I would like to share the technical experience I have come across, which can be of help to other people. So in this blog, I'll post my thoughts related to ITIS. I'll share experiences that I've had while working in different environments. You can expect content related to Unix, Solaris, Linux, EMC storage, HP-UX and many others. I hope this blog can be useful for you! Your comments will be appreciated!