UNIX / Linux: How to Use Sticky Bit on Directory and File

You would set the sticky bit primarily on directories in UNIX / Linux.

If you set the sticky bit on a directory, other users cannot delete or rename the files (or subdirectories) within that directory.

When the sticky bit is set on a directory, only the owner and the root user can delete / rename the files or directories within that directory.

1. Set the sticky bit on Directory

The example below enables the sticky bit on a directory.

Use the chmod command to set the sticky bit. If you are using octal numbers in chmod, give 1 before the other permission digits, as shown below. The example below gives rwx permission to user, group and others (and also adds the sticky bit to the directory).

$ chmod 1777 dir

Or, you can add only the sticky bit to an existing directory (without touching any of the user, group and other permissions) using the chmod command, as shown below.

$ chmod +t dir

Once the sticky bit is assigned to a directory, you’ll see (t) as the last character in the permission. In this example, it is drwxrwxrwt.

$ ls -ld /home/bala/dir
drwxrwxrwt 2 bala bala 4096 2011-01-28 14:09 /home/bala/dir
$ ls -l dir
total 8
-rwxrwxrwx 1 bala   bala   20 2011-01-28 14:12 bala.txt
-rwxrwxrwx 1 guest guest 41 2011-01-28 14:13 guest.txt

In the above example, as dir has rwx permission for everybody, all other users are allowed to create their own files or directories under this directory. However, even when the subdirectories or files under dir have rwx permission for everybody, only their owner can delete or rename them. Other users cannot delete or rename them because of the sticky bit.

In the above example, bala.txt has rwx permission for user, group, and others. But when the guest user tries to delete bala.txt, he’ll see the “Operation not permitted” message, as shown below.

$ su guest
$ cd /home/bala/dir
$ rm bala.txt
rm: cannot remove `bala.txt': Operation not permitted

Please note that /tmp has the sticky bit enabled by default. You might not have noticed that until now. Now you know why the /tmp directory is supposed to have the sticky bit enabled.

$ ls -ld /tmp
drwxrwxrwt 3 root root 4096 Jan 31 08:29 /tmp

To remove the sticky bit from a directory, do the following.

$ chmod -t dir
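
A check that follows from the /tmp discussion above, added here as an example and not part of the original post: it finds directories that everyone can write to but that lack the sticky bit, where any user could delete or rename another user's files. The function names and the demo tree are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# Print directories under ROOT ($1) that are world-writable (o+w, octal 0002)
# but lack the sticky bit (octal 1000). -xdev stays on one filesystem.
list_unsticky_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null
}

# Succeed if the 10-character mode string from `ls -ld` ends in t or T.
# "t" = sticky + others-execute; "T" = sticky without others-execute.
has_sticky() {
    mode=$(ls -ld "$1" | cut -c1-10)
    case "$mode" in
        *[tT]) return 0 ;;
        *)     return 1 ;;
    esac
}

# Add the sticky bit to every directory reported above, using the same
# `chmod +t` shown earlier so the rwx bits are left untouched.
fix_unsticky_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -exec chmod +t {} + 2>/dev/null
}

# Constructed demo tree: one /tmp-style directory and one unsafe one.
demo_root=$(mktemp -d)
mkdir "$demo_root/upload" "$demo_root/scratch"
chmod 1777 "$demo_root/upload"
chmod 0777 "$demo_root/scratch"
echo "Before fix:"; list_unsticky_dirs "$demo_root"
fix_unsticky_dirs "$demo_root"
echo "After fix:";  list_unsticky_dirs "$demo_root"
rm -rf "$demo_root"
```

Run list_unsticky_dirs against a real tree first and review the output before calling fix_unsticky_dirs, since some world-writable directories are better fixed by removing o+w than by adding the sticky bit.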

2. Set the sticky bit on File

Setting the sticky bit on a file is pretty much useless, and it doesn’t do anything. On some of the older *nix flavors, an executable file with the sticky bit set was loaded into swap memory after its first execution, which sped up all subsequent executions. This is not true anymore.

From Wikipedia:

Currently, this behavior is only operative in HP-UX, NetBSD, and UnixWare.
Solaris appears to have abandoned this in 2005.[citation needed] The 4.4-Lite
release of BSD retained the old sticky bit behavior but it has been subsequently
dropped from OpenBSD (as of release 3.7) and FreeBSD (as of release 2.2.1);
it remains in NetBSD. 

No version of Linux has ever supported the traditional behavior.