Linux: Sticky Bit

The sticky bit is a special permission that can be set on files and directories in Linux. When the sticky bit is enabled on a directory, it restricts file deletion for users other than root or the owner of the file.

A file can still be deleted by its owner and by root, but it won't be deleted by other users. This is useful for publicly accessible directories like /tmp.

How does the sticky bit work?

Let's say that you have two users on a Linux server called userA and userB. The root user goes in and creates a directory with 777 permissions.

Then userA and userB log on to the server and create files in the directory that root has given 777 permissions.

Now, the problem here is that userA can see the files created by userB and is also able to delete them because of the 777 permissions.

To prevent this, the root user goes in and sets the sticky bit on this new directory. userA can still see userB's files, but he won't be able to delete them.

Likewise, userA or the root user can delete a file created by userA, but userB won't be able to delete it.

How to set the sticky bit on a directory in Linux?

To set the sticky bit on a directory, use the chmod command as shown below:

# login as root and create a directory
ssh root@server

# let's create a directory under /tmp
cd /tmp

# create a new directory
mkdir stickybit/

# now allow 777 permissions along with sticky bit for this dir
chmod 1777 stickybit/

# check the permissions of the dir
ls -ltd stickybit/

# output of the above command
drwxrwxrwt 2 root root 18 Feb 10:00 stickybit/

If you look at the permissions closely, you will see a t at the end of the other-user permissions, which indicates that the sticky bit is set.

  • lowercase t -> sticky bit set and others have execute permission (rwx)
  • capital T   -> sticky bit set but others have no execute permission (rw only)
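
As an added example (not part of the original article), the shell functions below show how an administrator can check for the risky case described earlier: a world-writable directory that lacks the sticky bit. They also read back the t / T / x marker from the others' permission triad. The function names and the sample directory tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit for world-writable directories without the sticky bit.

# List directories under $1 that others can write to (o+w, mode bit 0002)
# but that do not have the sticky bit (mode bit 1000).
find_unsticky_dirs() {
    find "$1" -type d -perm -0002 ! -perm -1000 2>/dev/null | sort
}

# Print the others' permission triad of $1 as ls shows it,
# e.g. "rwt" (sticky + execute), "rwT" (sticky, no execute), "rwx" (no sticky).
other_perms() {
    ls -ld "$1" | cut -c8-10
}

# Build a constructed sample tree and print its path.
build_demo_tree() {
    demo=$(mktemp -d) || return 1
    mkdir "$demo/shared_ok" "$demo/shared_risky" "$demo/sticky_noexec" "$demo/private"
    chmod 1777 "$demo/shared_ok"       # like /tmp: world-writable + sticky
    chmod 0777 "$demo/shared_risky"    # world-writable, no sticky bit
    chmod 1776 "$demo/sticky_noexec"   # sticky, but others lack execute
    chmod 0755 "$demo/private"         # not world-writable
    echo "$demo"
}

# Demo run on the constructed tree.
tree=$(build_demo_tree)
for d in shared_ok shared_risky sticky_noexec private; do
    printf '%-14s others=%s\n' "$d" "$(other_perms "$tree/$d")"
done
echo "World-writable without sticky bit:"
find_unsticky_dirs "$tree"
rm -rf "$tree"
```

To audit a real system, call find_unsticky_dirs on a path such as /var; directories it prints are candidates for chmod +t.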

Check out the following diagram: