Solved

permision bits question

Posted on 2003-10-23
4
1,396 Views
Last Modified: 2008-02-01
Hi ,

can someone tell me what is the meaning of the T bit in the permission

i mean

DrwxrwxrwxT

Thanks
Victor
0
Comment
Question by:victorbx
4 Comments
 
LVL 18

Assisted Solution

by:liddler
liddler earned 100 total points
ID: 9605511
It's the sticky bit, usually set for /tmp - from chmd(2) man page:

If a directory is writable and has S_ISVTX (the sticky bit) set, files within that directory can be removed or renamed only if one or more of the following is true (see unlink(2) and rename(2) ):
the user owns the file
the user owns the directory
the file is writable by the user
the user is a privileged user



It is to prevent users deleting other users files in a shared / scratch directory like /tmp
0
 
LVL 45

Accepted Solution

by:
sunnycoder earned 200 total points
ID: 9605588
Hi victorbx,

liddler is right ... t means sticky bit

When the sticky bit (t) is turned on for a directory users can have read and/or write permissions for that directory, but they can only remove or rename files that they own. The sticky bit on a file tells the operating system that the file will be executed frequently. Files like this are kept in swap space even when they aren't being executed. Although this takes up swap space it greatly reduces the time it takes to execute the program. Programs such as vi have the sticky bit turned on by default.

Once upon a time, Unix didn't have paged virtual memory.  Setting the sticky
bit on an executable caused the kernel to keep the text image in core (make
it `sticky') after a process using it had closed.  This was typically done
on often-used binaries, such as /bin/sh or /bin/vi.

Later on, people noticed a security hole on /tmp: since it has world-write
permission (so that anyone can create temporary files there) it's possible
to delete other people's files.  The solution was to overload the meaning of
the sticky bit for directories: if a directory is sticky, then you can only
delete files in that directory if you own them (or if you're root).

Eventually, when paged virtual memory became standard, kernels ignored the
sticky bit on files, but the name remained for the use of the bit on
directories.
http://osr5doc.ca.caldera.com:457/OSAdminG/ssC.stickydirs.html

Cheers!
Sunny:o)
0
 
LVL 1

Assisted Solution

by:zafar_ayub
zafar_ayub earned 200 total points
ID: 9605867
Hi;

This means only the owner of a file can remove or rename it.
Very handy in shared directories like /tmp.

The chmod man page does not indicate the affect of the "t"/leading
1/stick bit attribute on directories.  I'm told that this prevents
unprivileged users from deleting files that they /do/ have write
access to.  I haven't tested this, but I imagine that it is common
knowledge.  

Just to clear up the confusion here.  The 't' bit has an original
meaning for executable programs.  [Keep a copy of the text (which
means code in unix speak) on the swap disk so that it loads faster on
subsequent runs because it can stream the preloaded image from the
swap disk instead of loading from the filesystem disk.  For various
reasons I think this is better to be avoided with modern operating
systems.  It was implemented while UNIX was still extremely primitive.
Much time has passed since then.]  But this did not have a meaning
when applied to directories.  Therefore when a need to create
functionality regarding directories arose they overloaded the 't'ext
bit and gave it a unique meaning when applied to a directory.

On a directory the 't' bit means that if you do not own the file you
cannot delete it.  This is needed on shared, writable directories like
/tmp to prevent one user from deleting another user's files.  Many
programs, like vi as one example, use /tmp for temporary files.
Without the 't' bit anyone could wipe out the entire /tmp directory
and break random programs.  Some of those programs would include
system processes as well.  Therefore shared writable directories
usually require the 't' bit for protection.  It allows you to create
files but prevents you from deleting files created by other users.

Hope this helps
0
 
LVL 4

Author Comment

by:victorbx
ID: 9606103
Thank you for the greate answers

from all of you


Victor

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As the title indicates, I have done this before. It chills me everytime I update the OS on my phone, (http://www.experts-exchange.com/articles/18084/Upgrading-to-Android-5-0-Lollipop.html) because one time I did this and I essentially had a bricked …
Windows 7 does not have the best desktop search built in. This is something Windows 7 users have struggled with. You type something in, and your search results don’t always match what you are looking for, or it doesn’t actually work at all. There ar…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

929 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now