Solved

permission bits question

Posted on 2003-10-23
Last Modified: 2008-02-01
Hi,

Can someone tell me what is the meaning of the T bit in the permission?

I mean

DrwxrwxrwxT

Thanks
Victor
Question by:victorbx
4 Comments
 

Assisted Solution

by:liddler
liddler earned 100 total points
It's the sticky bit, usually set for /tmp - from the chmod(2) man page:

If a directory is writable and has S_ISVTX (the sticky bit) set, files within that directory can be removed or renamed only if one or more of the following is true (see unlink(2) and rename(2) ):
the user owns the file
the user owns the directory
the file is writable by the user
the user is a privileged user



It is to prevent users deleting other users' files in a shared / scratch directory like /tmp.

Accepted Solution

by:sunnycoder
sunnycoder earned 200 total points
Hi victorbx,

liddler is right ... t means sticky bit

When the sticky bit (t) is turned on for a directory, users can have read and/or write permissions for that directory, but they can only remove or rename files that they own. The sticky bit on a file tells the operating system that the file will be executed frequently. Files like this are kept in swap space even when they aren't being executed. Although this takes up swap space, it greatly reduces the time it takes to execute the program. Programs such as vi have the sticky bit turned on by default.

Once upon a time, Unix didn't have paged virtual memory.  Setting the sticky
bit on an executable caused the kernel to keep the text image in core (make
it `sticky') after a process using it had closed.  This was typically done
on often-used binaries, such as /bin/sh or /bin/vi.

Later on, people noticed a security hole on /tmp: since it has world-write
permission (so that anyone can create temporary files there) it's possible
to delete other people's files.  The solution was to overload the meaning of
the sticky bit for directories: if a directory is sticky, then you can only
delete files in that directory if you own them (or if you're root).

Eventually, when paged virtual memory became standard, kernels ignored the
sticky bit on files, but the name remained for the use of the bit on
directories.
http://osr5doc.ca.caldera.com:457/OSAdminG/ssC.stickydirs.html

Cheers!
Sunny:o)

Assisted Solution

by:zafar_ayub
zafar_ayub earned 200 total points
Hi;

This means only the owner of a file can remove or rename it.
Very handy in shared directories like /tmp.

The chmod man page does not indicate the effect of the "t"/leading
1/sticky bit attribute on directories.  I'm told that this prevents
unprivileged users from deleting files that they /do/ have write
access to.  I haven't tested this, but I imagine that it is common
knowledge.  

Just to clear up the confusion here.  The 't' bit has an original
meaning for executable programs.  [Keep a copy of the text (which
means code in unix speak) on the swap disk so that it loads faster on
subsequent runs because it can stream the preloaded image from the
swap disk instead of loading from the filesystem disk.  For various
reasons I think this is better to be avoided with modern operating
systems.  It was implemented while UNIX was still extremely primitive.
Much time has passed since then.]  But this did not have a meaning
when applied to directories.  Therefore when a need to create
functionality regarding directories arose they overloaded the 't'ext
bit and gave it a unique meaning when applied to a directory.

On a directory the 't' bit means that if you do not own the file you
cannot delete it.  This is needed on shared, writable directories like
/tmp to prevent one user from deleting another user's files.  Many
programs, like vi as one example, use /tmp for temporary files.
Without the 't' bit anyone could wipe out the entire /tmp directory
and break random programs.  Some of those programs would include
system processes as well.  Therefore shared writable directories
usually require the 't' bit for protection.  It allows you to create
files but prevents you from deleting files created by other users.

Hope this helps

Author Comment

by:victorbx
Thank you for the great answers

from all of you


Victor
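
Added example (not part of the original thread): shell functions that read a directory's sticky state from `ls -ld`, where `t` means sticky with execute/search for others and `T` means sticky without it, and that list world-writable directories lacking the sticky bit so they can be fixed with `chmod +t`. The function names and the temporary test tree are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names and the test tree are constructed for illustration.

# sticky_state DIR: print "t" (sticky, others may search), "T" (sticky, others
# may not search) or "-" (not sticky), taken from the 10th mode character of ls -ld.
sticky_state() {
    mode=$(ls -ld -- "$1" | cut -c1-10)
    case "$mode" in
        *t) echo t ;;
        *T) echo T ;;
        *)  echo - ;;
    esac
}

# unsafe_shared_dirs ROOT: list directories under ROOT that are world-writable
# (mode bit 0002) but not sticky (mode bit 1000). In these, any user with write
# access can remove or rename files owned by someone else.
unsafe_shared_dirs() {
    find "$1" -type d -perm -0002 ! -perm -1000 -print 2>/dev/null | sort
}

# demo: build a scratch tree, audit it, fix the finding with chmod +t, audit again.
demo() {
    root=$(mktemp -d) || return 1
    mkdir "$root/scratch" "$root/dropbox" "$root/open"
    chmod 1777 "$root/scratch"   # drwxrwxrwt, the usual /tmp mode
    chmod 1776 "$root/dropbox"   # drwxrwxrwT, sticky without o+x
    chmod 0777 "$root/open"      # drwxrwxrwx, world-writable and not sticky
    for d in scratch dropbox open; do
        printf '%-8s %s\n' "$d" "$(sticky_state "$root/$d")"
    done
    echo "before fix: $(unsafe_shared_dirs "$root")"
    chmod +t "$root/open"
    echo "after fix:  $(unsafe_shared_dirs "$root")"
    rm -rf "$root"
}

demo
```

Running `unsafe_shared_dirs /` as root gives a system-wide list of shared directories that need `chmod +t`.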
