The sticky bit is a special permission in Unix-like operating systems, including Linux, that can be set on directories to control user deletion privileges. When the sticky bit is set on a directory, only the directory’s owner, the file’s owner, or the root user can delete or rename files within that directory, even if other users have write permissions.
Key Points:
- Usage: The sticky bit is commonly used on shared directories, such as `/tmp`, where multiple users have write access. It prevents users from accidentally or maliciously deleting or renaming each other’s files.
- Setting the Sticky Bit:
  - Command: You can set the sticky bit using the `chmod` command.
  - Syntax:
    ```bash
    chmod +t /path/to/directory
    ```
  - Example: `chmod +t /tmp`
    This command ensures that only the owner of a file in `/tmp` can delete or rename it.
- Checking the Sticky Bit:
  - You can check if the sticky bit is set by listing the directory with `ls -ld`. A `t` at the end of the permissions string indicates the sticky bit is set.
  - Example:
    ```bash
    ls -ld /tmp
    ```
    Output might look like: `drwxrwxrwt 10 root root 4096 Aug 19 12:34 /tmp`
    The `t` in `drwxrwxrwt` shows that the sticky bit is set.
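The manual `ls -ld` check can be turned into an audit. The script below is an added example, not part of the original page: it lists world-writable directories that lack the sticky bit and classifies individual directories. The function names and the sample tree are constructed for illustration.

```bash
# Added example: audit for world-writable directories missing the sticky bit.
# Function names are hypothetical; the sample tree is constructed.

# List world-writable directories under $1 that lack the sticky bit.
# -perm -0002 = "others" write bit set; ! -perm -1000 = sticky bit clear.
# -xdev keeps the scan on one filesystem.
find_unprotected_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 2>/dev/null | sort
}

# Classify a single directory by its mode bits.
sticky_state() {
    if [ ! -d "$1" ]; then
        echo "not-a-directory"
    elif [ -n "$(find "$1" -prune -perm -1000)" ]; then
        echo "sticky"
    elif [ -n "$(find "$1" -prune -perm -0002)" ]; then
        echo "unprotected"          # world-writable, no sticky bit
    else
        echo "not-world-writable"
    fi
}

# Build a constructed sample tree so the audit runs without touching real paths.
build_sample_tree() {
    _root=$(mktemp -d) || return 1
    mkdir "$_root/shared_ok" "$_root/shared_bad" "$_root/private"
    chmod 1777 "$_root/shared_ok"   # like /tmp: drwxrwxrwt
    chmod 0777 "$_root/shared_bad"  # drwxrwxrwx: any user may delete any file
    chmod 0755 "$_root/private"     # drwxr-xr-x
    echo "$_root"
}

# Demo run against the constructed tree.
demo_root=$(build_sample_tree)
echo "Directories missing the sticky bit under $demo_root:"
find_unprotected_dirs "$demo_root"
for d in shared_ok shared_bad private; do
    printf '%-12s %s\n' "$d" "$(sticky_state "$demo_root/$d")"
done
rm -rf "$demo_root"
```

On a real host, `find_unprotected_dirs /` gives the list of shared directories to review; each result is a candidate for `chmod +t`.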
Example Scenario:
- /tmp Directory: The `/tmp` directory is a classic example where the sticky bit is typically set. Multiple users can create files in `/tmp`, but thanks to the sticky bit, only the owner of a file can delete or rename it, ensuring users cannot tamper with each other’s files.
The sticky bit is a simple yet effective way to add an extra layer of security in environments with shared directories.