Linux special permissions: setuid, setgid, sticky bit (sticky)
(1) x permission (execution) of the directory
Execute permission on a file is simple: it means the file can be executed. But what does execute permission on a directory mean?
A directory cannot be executed, of course. When the execute permission is applied to a directory it no longer means "execute"; it means "search" permission.
When you want to access the /etc/httpd.conf file, you must have x (that is, search) permission on the directory /etc; otherwise, even if you have read access to the file httpd.conf itself, you cannot access the httpd.conf file.
r (read): for a file, permission to read the contents of the file; for a directory, permission to browse the directory.
w (write): for a file, permission to add to and modify the file's contents; for a directory, permission to delete and move files inside the directory.
x (execute): for a file, permission to execute the file; for a directory, permission to enter the directory.
s or S (SUID, set UID): an executable file with this permission runs with privilege and can freely access every system resource that the file's owner can use. Note that SUID files owned by the root account are often abused by attackers to silently open a back door in the system for future access.
t or T (sticky): the /tmp and /var/tmp directories are for all users to store temporary files; that is, every user has full access to the directory and can browse, delete, and move files.
(2) SetUid, SetGid
That is: the set-user-ID bit and the set-group-ID bit.
Once a program has this flag set, the process that runs the program has the same permissions as the program's owner. For example, if one of your programs is owned by root and has the setuid bit set, then even when a normal user runs it, the program's identity is that of the superuser, and it can access all resources that only the root user can access.
setuid usage: elevates the user's privileges; an ordinary user who executes the changed program is raised to root (when the file is owned by root).
chmod 4755 Your_program
setgid usage: similar to setuid; a user who executes the file gets all the permissions of the file's group. Very few files are setgid only; usually setuid and setgid are set together.
chmod 2755 Your_program
setuid and setgid together: this is not usually used to elevate permissions, but to bind the special permissions of a particular user and its group to the program.
chmod 6755 Your_program
(3) Sticky bit (sticky)
For example:
chmod 777 ABC
chmod +t ABC
Equivalent to
chmod 1777 ABC
On older legacy systems, if a program file had the sticky bit set, then when the program terminated all of its instructions were kept in the system's swap partition, so that it could be loaded more quickly when it was run again. Modern operating systems no longer use this feature, but that does not mean the bit has been completely discarded.
When a directory has the sticky bit set (with chmod a+t), the bit plays a special role: files in this directory can only be deleted by:
First, the superuser
Second, the owner of the directory
Third, the owner of the file
This means that even if the directory is writable by anyone, only the owner of the file can delete the file.
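The following audit script is an added example, not part of the original article. It lists the files carrying the setuid or setgid bits from section (2) and the world-writable directories that lack the sticky bit from section (3). The function name audit_special_perms is hypothetical, and the script assumes path names contain no newlines.

```shell
#!/bin/sh
# Added example (not from the original article): audit a tree for the
# special permission bits described above.
# audit_special_perms is a hypothetical name.
# Assumes path names contain no newlines.

audit_special_perms() {
    root=$1

    # Regular files with setuid (4000) or setgid (2000) set.
    find "$root" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print |
    while IFS= read -r f; do
        bits=""
        if [ -u "$f" ]; then bits="setuid"; fi
        if [ -g "$f" ]; then bits="${bits:+$bits+}setgid"; fi
        # Numeric owner: a setuid file owned by uid 0 runs as root.
        uid=$(ls -ldn "$f" | awk '{print $3}')
        note=""
        if [ "$uid" = "0" ] && [ -u "$f" ]; then note=" runs-as-root"; fi
        printf '%s uid=%s%s %s\n' "$bits" "$uid" "$note" "$f"
    done

    # Directories writable by everyone (0002) but missing the sticky bit
    # (1000): any user can delete or rename other users' files there.
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 -print |
    while IFS= read -r d; do
        printf 'world-writable-no-sticky %s\n' "$d"
    done
}

# Run against a path given on the command line, e.g.: sh audit.sh /usr
if [ "$#" -gt 0 ]; then
    audit_special_perms "$1"
fi
```

Comparing the output against a saved baseline from a known-good install makes newly added setuid files stand out.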