
Re: Easy (?) permissions question



SILUG said:
> So... why can't I delete the file as "charlie"?

You've discovered the sticky bit.

Under normal circumstances, you need write permissions on a directory
in order to delete files.  If you can write to the directory, you can
delete *any* file whether you have read or write permissions on the
file or not.

Setting the sticky bit ("chmod o+t directory") on a directory changes
the requirements for deleting directory entries.  In order to delete a
file, you not only need write permission, but you must own the file.

Without this, /tmp would be worthless, since any user could delete any
other user's files.

BTW, the term "sticky bit" has a historical meaning that is no longer
true...  From The Free On-line Dictionary of Computing (13 Mar 01): 

  sticky bit

     The bit in the mode of a Unix file which, if set for an
     executable, tells the kernel to keep the code loaded in swap
     space even after it has finished executing on the assumption that
     it is likely to be used again soon.  This performance
     optimisation was included in some early (and recent?) versions of
     Unix to save reloading frequently used programs such as the shell
     or vi from disk.

Then there's the current meaning:

     If the sticky bit is set on a directory, an unprivileged user
     may not delete or rename files of other users in that
     directory even if he has write access to the directory.

     The Unix "ls" command displays a set sticky bit as a "t" in
     the permissions of a file or directory.

(BTW, www.dict.org is your friend.  :-)

Steve
-- 
steve@silug.org           | Southern Illinois Linux Users Group
(618)398-7360             | See web site for meeting details.
Steven Pritchard          | http://www.silug.org/
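Added example, not part of Steve's post: a small POSIX shell script that reads the sticky bit off a directory the same way ls shows it (the 't' in the last permission column) and applies the deletion rule he describes to a chosen uid. Beyond what the post says, it also encodes the two exemptions in the actual rule: root (uid 0) and the owner of the directory itself may remove anyone's entries even when the bit is set. The function names, the uid 65534 standing in for "some other user", and the temporary directory are all assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Demonstrates how the sticky
# bit changes who may unlink an entry in a directory.

# sticky_set DIR: succeeds (exit 0) if DIR has the sticky bit.
# ls -l shows it in column 10: 't' when other-execute is also set,
# 'T' when it is not (mktemp -d creates mode 700, so you will see 'T').
sticky_set() {
    case "$(ls -ld "$1" | cut -c10)" in
        [tT]) return 0 ;;
        *)    return 1 ;;
    esac
}

# owner_uid PATH: numeric owner of PATH, taken from the third field of
# ls -ldn (POSIX; avoids the GNU-only stat -c %u).
owner_uid() {
    ls -ldn "$1" | awk '{ print $3 }'
}

# can_unlink UID DIR FILE: prints "yes" or "no".
# Assumes UID already has write and search permission on DIR, which is the
# normal requirement for deleting an entry. This adds only the sticky-bit
# rule: when the bit is set, UID must own FILE or own DIR; uid 0 is exempt.
can_unlink() {
    uid=$1; dir=$2; file=$3
    if [ "$uid" -eq 0 ]; then echo yes; return 0; fi
    if ! sticky_set "$dir"; then echo yes; return 0; fi
    if [ "$uid" -eq "$(owner_uid "$file")" ] || [ "$uid" -eq "$(owner_uid "$dir")" ]; then
        echo yes
    else
        echo no
    fi
}

# demo: walk through the post's scenario in a throwaway directory.
# 65534 ("nobody" on many systems) plays the part of "charlie".
demo() {
    d=$(mktemp -d)
    touch "$d/alice.txt"
    echo "without sticky bit, uid 65534: $(can_unlink 65534 "$d" "$d/alice.txt")"
    chmod o+t "$d"
    ls -ld "$d"
    echo "with sticky bit, uid 65534:    $(can_unlink 65534 "$d" "$d/alice.txt")"
    echo "with sticky bit, file owner:   $(can_unlink "$(id -u)" "$d" "$d/alice.txt")"
    echo "with sticky bit, root:         $(can_unlink 0 "$d" "$d/alice.txt")"
    rm -rf "$d"
}

case "${1:-}" in
    demo) demo ;;
esac
```

Run it as `sh sticky.sh demo`. The numeric form of a world-writable sticky directory is 1777 (`chmod 1777 /tmp`), and the same rule applies to rename(2), so a sticky directory also stops one user renaming another user's file out from under them.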