Use of linux-sticky bits

linux-sticky bit use

sticky bits (stickybit), also known as sticky bits, are a flag for UNIX file system permissions. The most common usage is to set the sticky bit on the directory,

Can only be set for the record, for the effectiveness of the piece. After the sticky bit is set, only the owner or root of the file in the directory can delete or move

The file. If you do not set a sticky bit for the directory, any user with the write and execute permission for that directory can delete and move the files in it. Should actually

In use, sticky bits are generally used in the/TMP directory to prevent ordinary users from deleting or moving other users ' files.

In a Linux system? The typical example is the "/tmp", "/var/tmp" record. These two recordings are temporary components of the Linux system.

folder, the permission is "rwxrwxrwx", that is, allow any user, any program in the record to create, delete, move the pieces or?? Recording and other operations.

What will be the result of the removal of temporary components from the system services operation? ", if any?

The sticky bit permission is for this situation setting, when the record is set the sticky bit permission, even if the user has written permission to the record, nor

Can I delete the data of the other households in the recording? Only the owner and root of the item are allowed to delete it. After you set the sticky bit,

It's a good way to keep the dynamic balance: Allow the households to write in the record, delete the data, but the ban is free to delete other users ' data.

　It is important to note that the sticky bit permission can only be set for the record, for the case.
　When You set the record for the sticky bit permission to enable the LS command to view its properties, the "X" at other user permissions becomes "T".
For example, check the permissions of/tmp,/VAR/TMP, and confirm that there is a "T" tag.

the sticky bit permissions are set for other settings, so the? chmod command sets the record permission,

"O+t", "o-t" permission mode can be added, remove the right limit of the sticky bit .
For example, set the sticky bit permissions for the/test record.

at this time, the ordinary household Zyj law to delete/root/test/file1 pieces.

The sticky bit permission is also in the production environment. When it is necessary to provide the user with a set of open and release records, and do not want to create management chaos, through

Setting the sticky bit permission on the record solves the problem.

Use of linux-sticky bits