Today, while creating a file, I found a T at the end of the file's permissions, which I had not noticed before. I then created two files with C (open) to take a look, and when I do not specify the permissions (omitting the third parameter of open), an s sometimes also appears. I still do not understand when the s and T will appear, but I first want to understand the meaning of s and t and record it here. Both s and t relate to the execute permission x. A few of the contents differ from the original, and other information is collated.
I. Set bit s
It lets a general user temporarily hold the permissions of the owner/group to which the file belongs while executing the file. For example, when /usr/bin/passwd runs it needs to modify the /etc/passwd and /etc/shadow files. No user other than root has write permission on these files, but ordinary users must be able to change their own passwords, so they are allowed to have root permissions only temporarily. The s permission is used to accomplish this particular task. The s permission can only be applied to binary executable files.
If you don't want ordinary users to change their passwords, just run, as root:
# chmod u-s /usr/bin/passwd
or
# chmod 0755 /usr/bin/passwd
In 0755, the first 0 indicates that no special permissions are used. This digit can be 0, 1 (--t), 2 (-s-), 3 (-st), 4 (s--), 5 (s-t), 6 (ss-) or 7 (sst).
II. Sticky bit t
It generally only works on directories. It means that only the owner and root can delete (rename/move) files in the directory. For example, the /tmp directory can be read and written by any user; if other users could arbitrarily delete (rename/move) your files, that would be very dangerous, so the t permission exists to solve this problem.
Here is an example of how to use the t permission:
(1) As root, create a test directory in the /tmp directory and set its permissions to 1777 (with the special permission t)
# mkdir test
# chmod 1777 test
# ls -ld test
(2) Switch to the first user, zhangming, create a new file aaa.txt in the test directory, and write data to it
# su zhangming
$ touch test/aaa.txt
$ echo "Hello" >> test/aaa.txt
$ ls -l test/aaa.txt
(3) Switch to the second user, shuihuo379, and try to delete the file aaa.txt created by user zhangming; a message says it cannot be deleted
$ su shuihuo379
$ ls -l test/aaa.txt
-rw-rw-r--. 1 zhangming zhangming 6 Oct 22:34 test/aaa.txt
$ rm test/aaa.txt
rm: remove write-protected regular file 'test/aaa.txt'? y
rm: cannot remove 'test/aaa.txt': Operation not permitted
(4) Switch back to the root user and remove the permission bit t
$ su
# chmod -t test
# ls -ld test
(5) Switch to user shuihuo379 again and try to delete the file aaa.txt created by user zhangming; the deletion succeeds and the file aaa.txt created by zhangming no longer exists
# su shuihuo379
$ ls -l test
total 4
-rw-rw-r--. 1 zhangming zhangming 6 Oct 22:34 aaa.txt
$ rm test/aaa.txt
rm: remove write-protected regular file 'test/aaa.txt'? y
$ ls -l test
total 0
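How the leading octal digit turns into the s/S and t/T letters that ls -l prints, together with a check for the world-writable-without-t state that test/ is in after step (4). This C program is an added example, not part of the original post; the names perm_string, anyone_can_delete and has_setid_exec are made up for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

/* Leading octal digit of a mode such as 1777 or 4755 (macro names are constructed). */
#define SUID_BIT   04000u  /* 4: s in the owner's x column */
#define SGID_BIT   02000u  /* 2: s in the group's x column */
#define STICKY_BIT 01000u  /* 1: t in the others' x column */

/* Render permission bits as ls -l does: a special bit is lowercase when the
 * x bit under it is also set, uppercase (S/T) when that x bit is missing. */
const char *perm_string(unsigned perms, char out[10])
{
    static const char rwx[] = "rwxrwxrwx";
    for (int i = 0; i < 9; i++)
        out[i] = (perms & (0400u >> i)) ? rwx[i] : '-';
    if (perms & SUID_BIT)   out[2] = (perms & 0100u) ? 's' : 'S';
    if (perms & SGID_BIT)   out[5] = (perms & 0010u) ? 's' : 'S';
    if (perms & STICKY_BIT) out[8] = (perms & 0001u) ? 't' : 'T';
    out[9] = '\0';
    return out;
}

/* World-writable directory without t: any user can delete or rename
 * other users' files in it. */
int anyone_can_delete(int is_dir, unsigned perms)
{
    return is_dir && (perms & 0002u) && !(perms & STICKY_BIT);
}

/* Regular file with s set and at least one x bit: worth reviewing. */
int has_setid_exec(int is_dir, unsigned perms)
{
    return !is_dir && (perms & (SUID_BIT | SGID_BIT)) && (perms & 0111u);
}

int main(int argc, char **argv)
{
    char buf[10];
    struct stat st;
    for (int i = 1; i < argc; i++) {
        if (stat(argv[i], &st) != 0) { perror(argv[i]); continue; }
        unsigned p = (unsigned)st.st_mode & 07777u;
        int d = S_ISDIR(st.st_mode) != 0;
        printf("%04o %s %s%s%s\n", p, perm_string(p, buf), argv[i],
               anyone_can_delete(d, p) ? "  [world-writable, no t]" : "",
               has_setid_exec(d, p) ? "  [s bit on executable]" : "");
    }
    return 0;
}
```

Compiled and run with paths as arguments (for example /tmp and /usr/bin/passwd), it prints each path's four-digit mode next to its ls-style string.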
Reprinted from:
http://www.cnblogs.com/zhangming-blog/articles/5956280.html
Linux file special permissions: set bit s and sticky bit t (reprint)