Linux: The Sticky, SUID and SGID Bits
I’m sure anyone who has used Linux has heard of the Sticky, SUID or SGID bits. The most common (and easiest to explain) is the infamous "Sticky Bit".
The Sticky Bit
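Back when systems had kilobytes of RAM (instead of gigabytes), this bit was used to mark a file (program) to run, and remain, primarily in memory. This was a great benefit back in "the day". Now the most common use for the sticky bit is to maintain the integrity of publicly accessible directories: in a directory with the sticky bit set (/tmp is the usual example), a file can be deleted or renamed only by its owner, the directory's owner, or root, even when everyone can write to the directory.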
Setting the Sticky Bit
To set the sticky bit use this command:
# chmod +t <file/directory>
Looking for the Sticky Bit
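To identify the sticky bit use the standard "ls" command to show all files. Look for a (t) in the last position of the permissions in the listing. It is shown as a capital (T), as below, when the execute bit for others is not set.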
-rw-r--r-T 1 root root 0 Jul 14 21:14 foo
The SUID Bit
SUID stands for "Set User ID". The SUID bit makes the program run as the user who owns the program (instead of the current user). If I have an application called "test" which is owned by "dale" and the user "al" runs "test", the program will still run as "dale" if the SUID bit is set.
Setting the SUID Bit
To set the SUID bit use this command (with no user or group given, +s sets both the SUID and the SGID bit):
# chmod +s <file/directory>
Looking for the SUID Bit
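To identify the SUID bit use the standard "ls" command to show all files. Look for an (S) in the listing, in place of the execute bit for the user (SUID) or the group (SGID). It is shown as a lowercase (s) when the execute bit in that position is also set.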
-rwSr-Sr-- 1 root root 0 Jul 14 21:14 foo
The SGID Bit
SGID stands for "Set Group ID". The SGID bit is much like the SUID bit, but the program runs with the group ID of the group that owns the file (instead of the current user's group).
Setting SUID for user and not group
# chmod u+s <file/directory>
Setting SGID for group only
# chmod g+s <file/directory>
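To go with the "Looking for" sections above, here is an audit sketch that decodes the s/S and t/T letters from the "ls" listing and reports SUID/SGID files and world-writable directories that lack the sticky bit. It is an added example, not part of the original article; the function names (special_bits, audit_setid, audit_unsticky) and the "(no-exec)" labels are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): audit special permission bits.
# Usage after sourcing: audit_setid /usr/bin ; audit_unsticky /var

# Decode the special bits of one path from the `ls -ld` mode string.
# Lowercase s/t: special bit and execute bit are both set.
# Uppercase S/T: special bit is set, execute bit in that position is not.
special_bits() {
    mode=$(ls -ld -- "$1" | cut -c1-10)
    out=""
    case $(printf '%s' "$mode" | cut -c4) in      # user execute position
        s) out="$out suid" ;;
        S) out="$out suid(no-exec)" ;;
    esac
    case $(printf '%s' "$mode" | cut -c7) in      # group execute position
        s) out="$out sgid" ;;
        S) out="$out sgid(no-exec)" ;;
    esac
    case $(printf '%s' "$mode" | cut -c10) in     # other execute position
        t) out="$out sticky" ;;
        T) out="$out sticky(no-exec)" ;;
    esac
    printf '%s\n' "${out# }"
}

# List regular files under a directory that carry SUID (4000) or SGID (2000),
# each followed by its decoded bits. Review every entry against what the
# distribution is expected to ship.
audit_setid() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) -print |
    while IFS= read -r f; do
        printf '%s: %s\n' "$f" "$(special_bits "$f")"
    done
}

# List world-writable directories without the sticky bit (1000): in these,
# any user can delete or rename files that belong to other users.
audit_unsticky() {
    find "$1" -type d -perm -0002 ! -perm -1000 -print
}
```
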