About sticky bit and security

Sticky bit permits only the owner to delete the file. And this feature is named "security"; well, let's say someone has a file important.txt, and it has the sticky bit set. Now I can just perform: echo "" > important.txt and the user will lose all his important data. So what kind of "security" are we talking about? I see no real value in using the "sticky bit".
  •
    James M
    12-29-2018

    Denis,


    The sticky bit is intended for directories, not regular files. This is mainly used when users are granted permission to files within a directory via the group permissions on that directory.

    Here is a scenario that might explain it better. The users dev1 and dev2 are both in the group developers. Both users own files in the directory /tmp/developers. The /tmp/developers directory is owned by the user root and the group developers, and the permissions are rwxrwx---. In this scenario, the ability to delete files in a directory is controlled by the directory permissions, not by the individual files inside the directory. With these permissions, it is possible for users dev1 and dev2 to delete each other's files. They are essentially modifying the directory contents, not the files themselves.

    To protect files from deletion by other users you would use the sticky bit (chmod +t /tmp/developers). If you wanted to prevent another user from overwriting individual files you would use standard Linux file permissions (something like chmod 640 important.txt, or chmod g-w important.txt).
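
The scenario James describes, as an added shell example (not code from the original thread): it creates the shared directory with mode rwxrwx--- plus the sticky bit, checks the bit in the ls -ld output, and, only when run as root on a box where the users dev1 and dev2 and the group developers from the scenario already exist, switches users to show that dev2 can no longer delete dev1's file but can still truncate it until the file's group write bit is removed. The user and group names are taken from the answer above; the path passed in and the use of su -s /bin/sh are assumptions of this example.

```shell
#!/bin/sh
# Added example, not part of the original forum thread.

# Create a shared group directory with rwxrwx--- plus the sticky bit (mode 1770).
# "chmod 1770 DIR" is the same as "chmod 770 DIR && chmod +t DIR".
make_shared_dir() {
    dir=$1
    mkdir -p "$dir"
    chmod 1770 "$dir"
}

# Print "yes" if the directory has the sticky bit, "no" otherwise.
# ls -ld shows the bit in the 10th mode column: 't' when "others" also have
# execute, 'T' when they do not (as with 1770).
has_sticky() {
    case "$(ls -ld "$1" | cut -c10)" in
        t|T) echo yes ;;
        *)   echo no ;;
    esac
}

# Cross-user part of the scenario. Needs root and pre-existing accounts
# dev1/dev2 in group developers (assumed, as in the answer); otherwise it
# prints "skipped" and makes no changes to the system.
cross_user_demo() {
    dir=$1
    if [ "$(id -u)" -ne 0 ] \
        || ! id dev1 >/dev/null 2>&1 || ! id dev2 >/dev/null 2>&1 \
        || ! getent group developers >/dev/null 2>&1; then
        echo "skipped (needs root and existing users dev1, dev2 in group developers)"
        return 0
    fi
    make_shared_dir "$dir"
    chgrp developers "$dir"
    f="$dir/important.txt"

    # dev1 creates a group-writable file in the shared directory.
    su -s /bin/sh dev1 -c "echo 'important data' > '$f' && chmod 660 '$f'"

    # Deletion is decided by the directory: with the sticky bit set, only the
    # file owner, the directory owner, or root may unlink it.
    if su -s /bin/sh dev2 -c "rm -f '$f'" 2>/dev/null; then
        echo "dev2 deleted dev1's file (sticky bit not effective here)"
    else
        echo "sticky bit: dev2 cannot delete dev1's file"
    fi

    # Overwriting is decided by the file's own permission bits, which the
    # sticky bit does not touch, so dev2 can still truncate it via group write.
    if su -s /bin/sh dev2 -c ": > '$f'" 2>/dev/null; then
        echo "but dev2 can still truncate it (file is group-writable)"
    fi

    # Removing group write on the file is what stops the overwrite.
    su -s /bin/sh dev1 -c "chmod g-w '$f'"
    if su -s /bin/sh dev2 -c ": > '$f'" 2>/dev/null; then
        echo "dev2 still truncated the file (unexpected)"
    else
        echo "after chmod g-w, dev2 cannot truncate it either"
    fi
}

# Stand-alone run: non-root part only, in a scratch directory.
if [ "${SKIP_MAIN:-0}" -eq 0 ]; then
    scratch=$(mktemp -d)
    make_shared_dir "$scratch/developers"
    echo "sticky on $scratch/developers: $(has_sticky "$scratch/developers")"
    ls -ld "$scratch/developers"
    cross_user_demo "$scratch/cross"
    rm -rf "$scratch"
fi
```

The important split is the one in the last two checks: the sticky bit changes who may unlink an entry from the directory, while truncating or overwriting a file is still governed by that file's own mode, so a group-writable file inside a sticky directory is safe from deletion but not from "echo '' > important.txt". On a normal system you can see the same bit on /tmp itself with ls -ld /tmp, which shows drwxrwxrwt.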

  •
    Terrence C
    12-31-2018

    Fantastic answer James!
