What is the "Sticky Bit"? ("t" and "T")

The sticky bit is primarily used on shared directories with open permissions, such as /var/tmp and /tmp. Directories with open permissions (or publicly writable) present a lot of problems because users **CAN CREATE** files, **READ/EXECUTE** files owned by other users, and at the same time are **ALLOWED EDIT/REMOVE** privileges to files owned by other users.
With the sticky bit set on publicly writable directories, users **CAN CREATE** files, **READ/EXECUTE** those files as well as files owned by other users, but are **NOT ALLOWED EDIT/REMOVE** privileges to files they don't own. The only exception to this is the super-user root, which can edit or remove files.
In simple terms, the sticky bit is used to indicate special treatment of certain directories. A directory for which the sticky bit is set restricts deletion or modification of the files it contains. A file in a directory with the sticky bit set may only be removed, modified or renamed by a user who has write permission on the directory, and either owns the file, owns the directory, or is the super-user. This is useful for directories such as /tmp, which must be publicly writable, but should deny users permission to arbitrarily delete or rename the files of others.
It is worth noting here that a directory with open permissions (or publicly writable) can be any arbitrary directory, not just /tmp and /var/tmp. It's just that /tmp and /var/tmp exist by default on the system.
Which directory has sticky permissions?

How do you identify a directory that has the sticky bit set? To illustrate further, see the example below.

    user@host# ls -ld /sticky/directory
    drwxrwxrwt 2 user group 512 Jun 20 11:02 /sticky/directory

In the output of the "ls" command, see the "t" (in drwxrwxrwt)? That tells us that the sticky bit is set.
A "T" refers to when the execute permissions are OFF.
A "t" refers to when the execute permissions are ON.

How to set sticky bit permissions

The leading "1" in the "chmod" command sets the sticky bit.

    user@host# chmod 1777 /sticky/directory    # permissions for "other" have execute bit ON
    drwxrwxrwt
    user@host# chmod 1776 /sticky/directory    # permissions for "other" have execute bit OFF
    drwxrwxrwT

The equivalent of the above commands in another syntax:

    user@host# chmod o+t /sticky/directory
    user@host# chmod o+x /sticky/directory
    drwxrwxrwt
    user@host# chmod o+t /sticky/directory
    user@host# chmod o-x /sticky/directory
    drwxrwxrwT

Or:

    user@host# chmod o=rwxt /sticky/directory
    drwxrwxrwt
    user@host# chmod o=rwt /sticky/directory
    drwxrwxrwT

There you go, more information regarding the sticky bit. To my knowledge, the sticky bit for files is not supported by any modern implementation of Unix or Linux. It is only significant and applicable to directories.
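
Since any directory can be made publicly writable, not just /tmp and /var/tmp, it is worth checking a system for such directories that lack the sticky bit. The shell functions below are an added example, not part of the original article: they list world-writable directories without the sticky bit and report the "t"/"T" state from the "ls" output. The function names and the temporary test tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit for publicly writable directories without the sticky bit.

# audit_sticky ROOT
# Prints each directory under ROOT that is writable by "other" (mode bit 0002)
# but does not have the sticky bit (mode bit 1000). Stays on one filesystem.
audit_sticky() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null
}

# sticky_state DIR
# Reads the 10th character of the "ls -ld" mode string and prints:
#   t  sticky bit set, execute for "other" ON
#   T  sticky bit set, execute for "other" OFF
#   -  sticky bit not set
sticky_state() {
    last=$(ls -ld "$1" | cut -c10)
    case "$last" in
        t) echo t ;;
        T) echo T ;;
        *) echo - ;;
    esac
}

# demo_sticky_audit
# Builds a constructed temporary tree with one directory per case,
# prints the state of each, then the audit findings, and cleans up.
demo_sticky_audit() {
    tmp=$(mktemp -d) || return 1
    mkdir "$tmp/open" "$tmp/shared" "$tmp/shared_noexec"
    chmod 0777 "$tmp/open"            # publicly writable, no sticky bit
    chmod 1777 "$tmp/shared"          # drwxrwxrwt
    chmod 1776 "$tmp/shared_noexec"   # drwxrwxrwT
    for d in open shared shared_noexec; do
        printf '%s %s\n' "$(sticky_state "$tmp/$d")" "$d"
    done
    audit_sticky "$tmp" | sed "s|^$tmp/|MISSING STICKY: |"
    rm -rf "$tmp"
}

demo_sticky_audit
```

On a real system, run `audit_sticky /` as root so that "find" can descend into every directory; each path it prints is a candidate for `chmod o+t`.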