This article is a quick guide to the Linux sticky bit and how to set it.
Linux Sticky bit
The sticky bit is a special permission on files as well as on directories. When you set the sticky bit on a directory, a special restriction applies to the directory and the files in it: a normal user cannot remove or rename files or directories inside it, even though the directory is publicly writable. Only the owner of the directory and the root user can.
Where should we use the Linux sticky bit?
We must set the sticky bit on publicly writable directories. A normal user who is not an owner of the directory or of the file then cannot remove or rename files inside it.
How to set Linux Sticky bit
To set or remove the sticky bit, use the “t” flag with the chmod command as below:
chmod +t <directory>
chmod -t <directory>
Example of Linux sticky Bit:
Let's create a test directory in /tmp that we will make publicly writable.
[root@rhel tmp]# mkdir test
[root@rhel tmp]# ls -ltr
total 4
drwxr-xr-x 2 root root 4096 Jan 24 13:17 test
Make this directory publicly writable with the command below:
[root@rhel tmp]# chmod 777 test
Now set the sticky bit using the chmod command with the “t” flag:
[root@rhel tmp]# chmod +t test/
Now if you run the ls command, you can see the special “t” permission on the test directory as below:
[root@rhel tmp]# ls -ltr
total 4
drwxrwxrwt 2 root root 4096 Jan 24 13:18 test
Create sample files 1 2 3 4 inside the test directory using the touch command.
[root@rhel test]# touch 1 2 3 4
To test this, I log in as the normal user manmohan and change directory to /tmp/
[root@rhel test]# su - manmohan
Last login: Wed Jan 24 13:20:37 UTC 2018 on pts/0
[manmohan@rhel ~]$ cd /tmp/
Now try to remove the “test” directory. The system denies this with “Operation not permitted”, although the test directory is publicly writable, as below:
[manmohan@rhel tmp]$ rm test
rm: cannot remove ‘test’: Is a directory
[manmohan@rhel tmp]$ rm -rf test
rm: cannot remove ‘test/3’: Operation not permitted
rm: cannot remove ‘test/1’: Operation not permitted
rm: cannot remove ‘test/4’: Operation not permitted
rm: cannot remove ‘test/2’: Operation not permitted
[manmohan@rhel tmp]$
How to unset sticky bit
To reverse or unset the sticky bit, use chmod with the minus “t” flag as below:
[root@rhel tmp]# chmod -t test
[root@rhel tmp]# ls -lt
total 4
drwxrwxrwx 2 root root 4096 Jan 24 13:18 test
[root@rhel tmp]#
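The rule above, that publicly writable directories should carry the sticky bit, can be checked across a whole tree. The script below is an added example and not part of the original article; the function names find_unsticky, fix_unsticky and is_sticky are hypothetical helpers chosen for this illustration.

```shell
#!/bin/sh
# Added example: audit a directory tree for world-writable directories
# that do not have the sticky bit, and optionally set it with chmod +t.

# find_unsticky DIR
# Print every directory under DIR that is writable by "others"
# (as after chmod 777) but lacks the sticky bit.
find_unsticky() {
    # -xdev          stay on the filesystem DIR lives on
    # -perm -0002    the "others write" bit is set
    # ! -perm -1000  the sticky bit is NOT set
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null
}

# fix_unsticky DIR
# Run chmod +t on each directory that find_unsticky would report.
fix_unsticky() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 \
        -exec chmod +t {} + 2>/dev/null
}

# is_sticky PATH
# Succeed (exit status 0) when PATH has the sticky bit set.
is_sticky() {
    [ -k "$1" ]
}

# Report-only run when a directory is given on the command line,
# for example:  sh audit_sticky.sh /var
if [ "$#" -gt 0 ]; then
    find_unsticky "$1"
fi
```

Run the report first and review the list before calling fix_unsticky, since some applications create world-writable directories on purpose.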
To learn more about securing plain text files, follow this article.