The sticky bit is a special permission in Unix-like operating systems, including Linux, that can be set on directories to control user deletion privileges. When the sticky bit is set on a directory, only the directory’s owner, the file’s owner, or the root user can delete or rename files within that directory, even if other users have write permissions.
Key Points:
- Usage: The sticky bit is commonly used on shared directories, such as
/tmp, where multiple users have write access. It prevents users from accidentally or maliciously deleting or renaming each other’s files. - Setting the Sticky Bit:
- Command: You can set the sticky bit using the
chmodcommand. - Syntax:
bash chmod +t /path/to/directory - Example:
chmod +t /tmpThis command ensures that only the owner of a file in/tmpcan delete or rename it. - Checking the Sticky Bit:
- You can check if the sticky bit is set by listing the directory with
ls -ld. Atat the end of the permissions string indicates the sticky bit is set. - Example:
bash ls -ld /tmp
Output might look like:drwxrwxrwt 10 root root 4096 Aug 19 12:34 /tmp
Thetindrwxrwxrwtshows that the sticky bit is set.
Example Scenario:
- /tmp Directory: The
/tmpdirectory is a classic example where the sticky bit is typically set. Multiple users can create files in/tmp, but thanks to the sticky bit, only the owner of a file can delete or rename it, ensuring users cannot tamper with each other’s files.
The sticky bit is a simple yet effective way to add an extra layer of security in environments with shared directories.
