Special Permissions
1: Sticky bit (sticky)
Objects: Directories
Function: When a directory has the t permission, files in that directory can only be deleted by the file's owner
Symbol: o+t; t=1; 1777
Example:
# mkdir dd
# touch dd/file
# ll
-rw-r--r-- 1 root root 0 Jul 04:54 file1
# chmod 777 dd/file
# chmod 777 dd/
$ rm -fr dd/file      # created by root, yet student can delete it
# chmod 1777 dd/      # after setting the sticky bit
# touch dd/file1
# su student
$ rm -fr dd/file1
rm: cannot remove 'dd/file1': Operation not permitted      # cannot delete
2: SUID bit ("adventure bit")
Object: Binary executable file
Role: The process created by running the file runs as the file's owner, regardless of the identity of the user who started it
Setting mode:
chmod u+s file
suid=4
chmod 4xxx file
Example:
# which touch
/usr/bin/touch
# chown student /usr/bin/touch      # change the owner of touch to student
# ll /usr/bin/touch
-rwxr-xr-x. 1 student root 62432 Jan 2014 /usr/bin/touch
# touch file
# ll
total 0
-rw-r--r-- 1 root root 0 Jul 05:11 file      # a file created by root is owned by root
# chmod 4777 /usr/bin/touch      # set the SUID bit
# touch file2
# ll
total 0
-rw-r--r-- 1 root root 0 Jul 05:11 file
-rw-r--r-- 1 student root 0 Jul 05:11 file2      # the new file is owned by the owner of the binary
3: SGID bit ("force bit")
Objects: Files/directories
Role:
Files: Applies only to binary executables. Whoever runs the binary, the group of the resulting process is the group of the file, regardless of the group of the user who started the program. This is similar to the SUID bit above
Directory: When a directory has the SGID permission, every file newly created in the directory automatically belongs to the directory's group, regardless of the group of the user who created the file
Setting mode:
chmod g+s file|dir
sgid=2
chmod 2xxx file|dir
Example: for binary files
$ touch file1
$ ll
total 0
-rw-rw-r-- 1 student student 0 Jul 05:20 file1
$ exit
# chmod 2777 /usr/bin/touch
# su student
$ touch file2
$ ll
total 0
-rw-rw-r-- 1 student student 0 Jul 05:20 file1
-rw-rw-r-- 1 student root 0 Jul 05:20 file2
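An added example, not part of the original article: a POSIX shell audit that finds the three special bits described above in a directory tree and flags two risky combinations, a world-writable directory without the sticky bit and a SUID/SGID file that is world-writable (as chmod 4777 produces). The function names, the output tags and the sample file names are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original article): audit a tree for special bits.
# Each finding is printed as "TAG path":
#   SUID      regular file with the set-user-ID bit (4xxx)
#   SGID      file or directory with the set-group-ID bit (2xxx)
#   NOSTICKY  world-writable directory without the sticky bit (777, not 1777)
#   LOOSE     SUID/SGID file that anyone may overwrite (e.g. 4777)
audit_special_bits() {
    dir=$1
    find "$dir" -xdev -type f -perm -4000 | sed 's/^/SUID /'
    find "$dir" -xdev \( -type f -o -type d \) -perm -2000 | sed 's/^/SGID /'
    find "$dir" -xdev -type d -perm -0002 ! -perm -1000 | sed 's/^/NOSTICKY /'
    find "$dir" -xdev -type f \( -perm -4000 -o -perm -2000 \) -perm -0002 |
        sed 's/^/LOOSE /'
}

# Constructed sample tree (hypothetical names) so the audit runs without root.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir "$t/dd_777" "$t/dd_1777" "$t/team"
    touch "$t/tool_4755" "$t/tool_4777" "$t/plain"
    chmod 777  "$t/dd_777"     # any user can delete other users' files here
    chmod 1777 "$t/dd_1777"    # sticky bit set: deletion limited to the owner
    chmod 2775 "$t/team"       # SGID: new files inherit the directory's group
    chmod 4755 "$t/tool_4755"  # SUID, writable by the owner only
    chmod 4777 "$t/tool_4777"  # SUID and world-writable, as in the touch example
    echo "$t"
}

tree=$(make_sample_tree)
audit_special_bits "$tree"
rm -rf "$tree"
```

Pointing audit_special_bits at / or /usr on a real host lists every SUID/SGID file on that filesystem, which can then be compared against a known-good baseline.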
This article is from the "12462896" blog, please be sure to keep this source http://12472896.blog.51cto.com/12462896/1950037