BLU Discuss list archive



Permissions question



Jason,

As I understand it, only 1000 is the setting for the sticky bit.
4000 is the setting for SUID and 2000 is for SGID. You can
mix them as you did. Say you used chmod 3755. 3000 is
1000, which sets the sticky bit, plus 2000, which sets
GUID. You can see the permissions change to -rwxrwsr-t
when you use "chmod 3775 foo". "t" is the sticky bit.

From a security point of view, the sticky bit can help
control deletion of files by non-owners. Say you want to
set up a file in someone's home dir but you do not
want this person to remove the file: you can set the
sticky bit on the directory and change the ownership
of the file. Example:

# chmod 1777 ~jason (change mode on jason's home dir)
# touch ~jason/foo
# chmod 744 ~jason/foo (read only for other)
# chown root ~jason/foo (change the owner -- you can change to anyone)

Then jason cannot delete this file foo and only root
can.

Best Regards

Daniel Xu
 
--- jtnelson at genuity.net wrote:
> I have wondered this for a while and have not found
> much documentation on it:
> 
> $ chmod 0775 foo
> $ ls -l foo
>    0 -rwxrwxr-x   1 jason    admin           0 Jun  9 09:08 foo*
> $ chmod 1775 foo
> $ ls -l foo
>    0 -rwxrwxr-t   1 jason    admin           0 Jun  9 09:08 foo*
> $ chmod 2775 foo
> $ ls -l foo
>    0 -rwxrwsr-x   1 jason    admin           0 Jun  9 09:08 foo*
> $ chmod 3775 foo
> $ ls -l foo
>    0 -rwxrwsr-t   1 jason    admin           0 Jun  9 09:08 foo*
> $ chmod 4775 foo
> $ ls -l foo
>    0 -rwsrwxr-x   1 jason    admin           0 Jun  9 09:08 foo*
> $ chmod 5775 foo
> $ ls -l foo
>    0 -rwsrwxr-t   1 jason    admin           0 Jun  9 09:08 foo*
> $ chmod 6775 foo
> $ ls -l foo
>    0 -rwsrwsr-x   1 jason    admin           0 Jun  9 09:08 foo*
> $ chmod 7775 foo
> $ ls -l foo
>    0 -rwsrwsr-t   1 jason    admin           0 Jun  9 09:08 foo*
> 
> I believe it's called the sticky bit and it ranges
> from 0-7, but I haven't found documentation on what
> each value means.  I usually use something like chmod
> 2775 foo to allow multiple users to write to a
> directory but not delete each other's stuff (i.e. for
> a shared samba dir).  But not sure what effect each
> value really has.
> 
> Thanks in advance,
> Jason Nelson
> Genuity Inc.
> VPN and Internet Security Analyst


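An added illustration, not part of either message: the leading digit in the transcript above is the sum of 4 (setuid), 2 (setgid) and 1 (sticky). The script below decodes that digit and checks the result against a scratch file. The function names are made up for this example, and it assumes a Linux system where a file's owner may set all three bits on a regular file.

```shell
#!/bin/sh
# Added example: decode the leading octal digit of a chmod mode and
# confirm it against what the filesystem reports for a scratch file.

# decode_special MODE: name the special bits in a 4-digit octal mode.
#   4 = setuid, 2 = setgid, 1 = sticky; the digit is the sum of those set.
decode_special() {
    d=$(( (0$1 >> 9) & 7 ))            # leading 0 makes the shell read octal
    out=""
    if [ $(( d & 4 )) -ne 0 ]; then out="$out setuid"; fi
    if [ $(( d & 2 )) -ne 0 ]; then out="$out setgid"; fi
    if [ $(( d & 1 )) -ne 0 ]; then out="$out sticky"; fi
    out="${out# }"
    echo "${out:-none}"
}

# probe_special FILE: report the same bits as actually set on FILE,
# using the test operators -u (setuid), -g (setgid) and -k (sticky).
probe_special() {
    out=""
    if [ -u "$1" ]; then out="$out setuid"; fi
    if [ -g "$1" ]; then out="$out setgid"; fi
    if [ -k "$1" ]; then out="$out sticky"; fi
    out="${out# }"
    echo "${out:-none}"
}

# check_modes: apply 0775 .. 7775 to a scratch file, print the ls mode
# string next to both decodings, and return non-zero on any mismatch.
check_modes() {
    tmp=$(mktemp) || return 1
    status=0
    for d in 0 1 2 3 4 5 6 7; do
        chmod "${d}775" "$tmp" || status=1
        want=$(decode_special "${d}775")
        got=$(probe_special "$tmp")
        printf '%s775  %s  decoded: %-22s on disk: %s\n' \
            "$d" "$(ls -l "$tmp" | cut -c1-10)" "$want" "$got"
        [ "$want" = "$got" ] || status=1
    done
    rm -f "$tmp"
    return $status
}

check_modes
```

The same three `test` operators are useful when auditing a tree for unexpected setuid or setgid files.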




BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.