sticky bit

/home/DIR  (777)  has sticky bit enabled. Owner is USER_A

/home/DIR/file_1 (777). Owner is USER_A
/home/DIR/file_2 (777). Owner is USER_B

Then I login as USER_B
1) Delete /home/DIR/file_1  fails as expected, as the sticky bit is set on the parent DIR and USER_B is not the owner of the file

2) DELETE /home/DIR/file_2 succeeded. Shouldn't this fail too? I understand USER_B is the owner of file "file_2", but there is a sticky bit set on the parent "DIR". My understanding was that only USER_A can delete files/dirs within DIR. No other user can delete, even though they own the file.
I am using Ubuntu.
perlperlAsked:
point_pleasantCommented:
Was the file placed there before the suid bit was set on the directory?
Usually suid on a directory changes ownership of files created or moved to that directory to the directory owner.
0
perlperlAuthor Commented:
No, on the parent directory I just set the sticky bit:
chmod +t  /home/DIR

drwxrwxrwt 3 USER_A USER_A 4096 Oct  4 16:02 DIR
0
point_pleasantCommented:
And when you copy user_b's file into the directory, it stays owned by user_b?
0

point_pleasantCommented:
"chmod +t" is basically for the sticky bit. If you have set the sticky bit on a directory, it will show when you do "$ ls -l": the directory permission should look like "drwx??????t". The sticky bit always comes with the "others" permission, and once it is on, it prevents users from deleting files in that directory, except the owner and root.
0
perlperlAuthor Commented:
ls -ld /tmp/USERS/DIR
drwxrwxrwt  2   r1    r1     4096 Oct  4 17:10 /tmp/USERS/DIR


ls -ltr /tmp/USERS/DIR/
total 0
-rwxrwxrwx 1   r1    r1 0 Oct  4 17:11      1
-rwxrwxrwx 1   r2    r2 0 Oct  4 17:11      2


sudo su r2
rm /tmp/USERS/DIR/1        --> FAILED as expected
rm: cannot remove `/tmp/USERS/DIR/1': Operation not permitted

#rm /tmp/USERS/DIR/2      --> SUCCEEDED  (Should this succeed  ??? )
Agreed, I am logged in as r2 and file /tmp/USERS/DIR/2 also belongs to r2, but parent "DIR" has the sticky bit. I thought no user other than "r1" can delete files under "DIR".
0
point_pleasantCommented:
Yes, it should. r2 is the owner of the file; root and the file owner can delete. Check if user_a can remove user_b's file; it should not be able to.
0

TintinCommented:
The sticky bit on a directory just prevents a user deleting a file/dir that is not owned by them even if they have group/other write permissions on the file/dir.
0
point_pleasantCommented:
Tintin's answer is almost the same as what I posted 4 hours earlier, except he leaves out the root exception. If root is not the owner, root can still remove.
0
Daniel HelgenbergerCommented:
Can you please elaborate on what you want to achieve? If it comes down to file system permissions like access/delete, do not use sticky bits but ACLs/default ACLs.
This is the only way you can guarantee new files in your directory have the correct permissions. Setting a default ACL for a directory with d:
setfacl -m d:u:User_A:rwx,d:g:group_a:rx /tmp/USERS/DIR



Also read:
https://help.ubuntu.com/community/FilePermissions
0
simon3270Commented:
The owner of the parent file is not relevant (for example, /tmp often has the sticky bit set, and that is usually owned by root).  All that matters is that the sticky bit is set.  Then,  as long as the usual rwx permissions allow a user to delete a file (hence the 777 permissions on root), they can delete it only if they own it.

So, because the permissions on DIR are 777, and since User_B owns file_2, they can delete it.
0
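As an added illustration (not code from the thread or from any of the posters), here is a Python model of the check the kernel performs before unlink() removes a directory entry, following the POSIX "Directory Protection" rule and the order Linux uses in fs/namei.c: the caller needs write+search permission on the directory, and only then, if the directory carries S_ISVTX, must additionally own the file, own the directory, or hold CAP_FOWNER (root). The target file's own mode bits never enter into it. The model goes one step beyond what the replies above state: the directory owner can also remove files it does not own in a sticky directory, so in this scenario r1 could remove r2's file. The uids for r1, r2 and a third unrelated user, and the inode modes, are constructed to match the listing posted in the question; ACLs and the fs.protected_* sysctls are not modelled.

```python
"""Model of the unlink() permission check for a file inside a sticky-bit
directory. Added illustration; simplified (no ACLs, no protected_* sysctls)."""
import stat
from dataclasses import dataclass


@dataclass(frozen=True)
class Inode:
    """The inode fields the unlink decision looks at."""
    uid: int
    gid: int
    mode: int  # st_mode, e.g. 0o41777 == drwxrwxrwt


def has_access(inode, uid, gids, want):
    """Classic rwx check: choose the owner/group/other triplet and compare
    it against the wanted bits. Root (CAP_DAC_OVERRIDE) bypasses it."""
    if uid == 0:
        return True
    if uid == inode.uid:
        bits = (inode.mode >> 6) & 0o7
    elif inode.gid in gids:
        bits = (inode.mode >> 3) & 0o7
    else:
        bits = inode.mode & 0o7
    return bits & want == want


def may_unlink(directory, target, uid, gids=()):
    """Return (allowed, reason) for `uid` unlinking `target` from `directory`.
    Step 1: write+search on the directory (the file's mode is irrelevant).
    Step 2: if S_ISVTX is set, caller must own the file, own the directory,
            or be root (CAP_FOWNER)."""
    if not has_access(directory, uid, gids, stat.S_IWOTH | stat.S_IXOTH):
        return False, "no write/search permission on the directory"
    if not directory.mode & stat.S_ISVTX:
        return True, "no sticky bit: directory write permission is enough"
    if uid == target.uid:
        return True, "sticky bit set, but caller owns the file"
    if uid == directory.uid:
        return True, "sticky bit set, but caller owns the directory"
    if uid == 0:
        return True, "sticky bit set, but caller is root (CAP_FOWNER)"
    return False, "sticky bit set: caller owns neither file nor directory"


# Constructed uids standing in for r1, r2 and an unrelated third user.
R1, R2, R3 = 1001, 1002, 1003
DIR = Inode(uid=R1, gid=R1, mode=0o41777)     # drwxrwxrwt  r1 r1  /tmp/USERS/DIR
FILE1 = Inode(uid=R1, gid=R1, mode=0o100777)  # -rwxrwxrwx  r1 r1  .../DIR/1
FILE2 = Inode(uid=R2, gid=R2, mode=0o100777)  # -rwxrwxrwx  r2 r2  .../DIR/2
DIR_NO_STICKY = Inode(uid=R1, gid=R1, mode=0o40777)  # same dir without +t


def thread_scenario():
    """The cases argued about in the thread, as case name -> allowed?"""
    return {
        "r2 rm 1": may_unlink(DIR, FILE1, R2)[0],        # 'Operation not permitted'
        "r2 rm 2": may_unlink(DIR, FILE2, R2)[0],        # r2 owns the file
        "r1 rm 2": may_unlink(DIR, FILE2, R1)[0],        # r1 owns the directory
        "r3 rm 2": may_unlink(DIR, FILE2, R3)[0],        # owns neither
        "root rm 2": may_unlink(DIR, FILE2, 0)[0],       # CAP_FOWNER
        "r3 rm 2, no +t": may_unlink(DIR_NO_STICKY, FILE2, R3)[0],  # 777 alone suffices
    }


if __name__ == "__main__":
    for case, ok in thread_scenario().items():
        print(f"{case:16} -> {'allowed' if ok else 'EPERM'}")
```

Running it reproduces the behaviour in the question: r2 is refused on file 1 and allowed on file 2. The "no +t" row is the contrast the sticky bit exists for: with plain 777 and no sticky bit, any user can remove any entry, which is why world-writable shared directories such as /tmp get +t.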
SandyCommented:
So many answers !!!

The simple thing is: if the parent directory is owned by any user, then that user can do anything inside that folder. The parent will override any kind of child attribute.
0
perlperlAuthor Commented:
Thanks for the clarification
0