Linux Special Permissions Stick_bit

Special Permissions Stick_bit

This special permission is set for the directory.

From the literal understanding of the word, called sticky bit. It's like being glued to the glue. All are also called anti-delete bits, in order to prevent deletion by other users (except Ps:root users, it is super Administrator, can not be prevented).

The system itself has a directory with such permissions.

650) this.width=650; "src=" Http://oqjg6c4c1.bkt.clouddn.com/201706091255_85.png "style=" border-style:none; "/>

1. Why do you have Stick_bit permissions

We know that/tmp is the temporary file directory of the system, all the users in the directory has all the permissions, that is, in this directory can be arbitrarily created, modify, delete files, if user A in this directory created a file, User B deleted the file, this situation we can not allow. To achieve this, the concept of stick bit (sticky bit) is present. It is for the directory, if the directory is set stick bit (sticky bit), then the files in this directory in addition to the file creator and root user can be deleted and modified. /tmp directory of files/directories, can not move others, this is the role of sticky bit.

2. Set Stick_bit permissions

Format: chmod o+t catalog chmod o+t/tmp/111/

> Verification:> 1. User1 user creates a User1.txt file in the/tmp directory with stick_bit special permissions set

[[email protected] tmp]# ls -ld /tmp/drwxrwxrwt. 16 root root  271 6 Month    9 12:39 /tmp/[[email protected] tmp]# su -  user1[[email protected] ~]$ woami-bash: woami:  command not found [[email protected] ~]$  whoamiuser1[[email protected] ~]$ cd /tmp/[[email protected] tmp]$  touch user1.txt[[email protected] tmp]$ 

650) this.width=650; "src=" Http://oqjg6c4c1.bkt.clouddn.com/201706091303_918.png "style=" border-style:none; "/>

> 2 allin1 users try to modify and delete user1.txt files .> Modify

[[Email protected] ~]# ssh -p 22 [email protected] login: fri  jun  9 13:08:20 2017 from 192.168.245.132[[email protected] ~]#  whoamiroot[[email protected] ~]# su - allin1 Last Login: five  6 month   9  09:25:02 cst 2017pts/3  on [[email protected] ~]$ whoamiallin1[[email  Total dosage of protected]inux-01 ~]$ cd /tmp/[[email protected] tmp]$ ls -l   0DRWXRWXR--.  4 root   root   45 6 Month    8 21:20  111drwxr-xr-x. 2 root   root    6 6 Month     8 20:11 222drwxrwxr-x. 3 allin1 allin1 26 6 Month    9 10:53  234drwxr-xr-x. 3 root   root   26 6 Month    9  10:56 345drwxr-sr-x.  3 root   user1  26 6 month    9 11:10 666drwxr-xr-x.  4 root   root   40 6 Month    6 21:32  Allin2drwxrwxrwx. 2 allin1 user1  19 6 Month    8 14:58  allinlinuxdrwx------.  3 root   root   17 6 Month    8  14:15 systemd-private-0f4b60569c224727b1ec0153a8598630-vmtoolsd.service-qcx2ttdrwxr-xr-x. 4  root   root   28 6 month    6 17:16 tmp-rw-rw-r--.  1 user1  user1   0 6 Month    9 13:03 user1.txt[[ Email protected] tmp]$ vi user1.txt

650) this.width=650; "src=" Http://oqjg6c4c1.bkt.clouddn.com/201706091310_701.png "style=" border-style:none; "/>

650) this.width=650; "src=" Http://oqjg6c4c1.bkt.clouddn.com/201706091310_968.png "style=" border-style:none; "/>

650) this.width=650; "src=" Http://oqjg6c4c1.bkt.clouddn.com/201706091311_873.png "style=" border-style:none; "/>

650) this.width=650; "src=" Http://oqjg6c4c1.bkt.clouddn.com/201706091311_535.png "style=" border-style:none; "/>

> above a series of operation instructions, user User1 created User1.txt file, allin1 cannot modify > Delete

[Email protected] tmp]$ RM user1.txt RM: Do you want to delete the plain empty file "user1.txt" with write protection? YRM: Unable to delete "User1.txt": disallowed operation [[email protected] tmp]$

650) this.width=650; "src=" Http://oqjg6c4c1.bkt.clouddn.com/201706091313_658.png "style=" border-style:none; "/>

This article is from the "Linux Road" blog, make sure to keep this source http://allin28.blog.51cto.com/12931477/1933860

Linux Special Permissions Stick_bit