Paranoid Penguin - Linux Filesystem Security, Part II

We covered the fundamentals of permissions last month. Now it's time to learn some useful bits to make cooperation among users convenient and secure.

Last time, we looked at file and directory permissions from the ground up—what users and groups are and how to set and remove read, write and execute permissions on files and directories. In this column, we look at some more advanced types of permissions, explore permission numeric modes and the command umask and see how to delegate root's authority with su and sudo. This article contains more intermediate-level information than last month's, but hopefully it should make sense, even if all you know about permissions is what you read here last time.

The Sticky Bit

Recall last month's long listing of the extreme_casseroles/ directory:

drwxr-x--- 8  biff drummers 288 Mar 25 01:38 extreme_casseroles

Recall also that we set the group permissions on this directory to r-x, that is, group-readable and group-executable, so that our fellow members of the drummers group could enter this directory and enjoy the recipes stored therein.

Suppose that our drummer friend Biff wants to allow his fellow drummers not only to read his recipes but to add their own as well. As we saw last time, all he needs to do is set the group-write bit for this directory, like this:

chmod g+w ./extreme_casseroles

There's only one problem with doing that, however. Write permissions include both the ability to create new files in this directory and also to delete them. What's to stop one of his drummer pals from deleting other people's recipes? The sticky bit, that's what.

In olden times, the sticky bit was used to write a file (program) to memory so it would load more quickly when invoked. On Linux, however, it serves a different function. When you set the sticky bit on a directory, it limits people's ability to delete things in that directory. That is, to delete a given file in the directory you either must own that file or own the directory, even if you belong to the group that owns the directory and group-write permissions are set on it.

To set the sticky bit, issue the command:

chmod +t directory_name

In our example, this would be chmod +t extreme_casseroles. If we now do a long listing of the directory itself, by using ls with the -d option to list the directory's permissions rather than its contents, that is, ls -ld extreme_casseroles, we see:

drwxrwx--T 8  biff drummers  288  Mar 25 01:38 extreme_casseroles

Notice the T at the end of the permissions. We'd normally expect to see either x or - there, depending on whether the directory is other-writable. The T denotes that the directory is not other-executable and has the sticky bit set. A lowercase t would denote that the directory is other-executable and has the sticky bit set.

To illustrate what effect this restriction has, suppose a listing of the contents of extreme_casseroles/ looks like Listing 1.

Suppose further that the user crash tries to delete the file pineapple_mushroom_surprise.txt, which crash finds offensive. crash expects this to work, because he belongs to the group drummers and the group-write bit is set on this file. Remember, though, that biff set the parent directory's sticky bit. Therefore, crash's attempted deletion fails, as we see in Listing 2.

One more note on the sticky bit: it only applies to the directory's first level downward. In Listing 1, you may have noticed that besides the two nasty recipes, extreme_casseroles/ also contains another directory, src. The contents of src will not be affected by extreme_casseroles' sticky bit, although the directory src itself is. If biff wants to protect src's contents from group deletion, he needs to set src's own sticky bit.



Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.


Trupti's picture

Helpful post. Every bit is covered here.Thank you.

White Paper
Linux Management with Red Hat Satellite: Measuring Business Impact and ROI

Linux has become a key foundation for supporting today's rapidly growing IT environments. Linux is being used to deploy business applications and databases, trading on its reputation as a low-cost operating environment. For many IT organizations, Linux is a mainstay for deploying Web servers and has evolved from handling basic file, print, and utility workloads to running mission-critical applications and databases, physically, virtually, and in the cloud. As Linux grows in importance in terms of value to the business, managing Linux environments to high standards of service quality — availability, security, and performance — becomes an essential requirement for business success.

Learn More

Sponsored by Red Hat

White Paper
Private PaaS for the Agile Enterprise

If you already use virtualized infrastructure, you are well on your way to leveraging the power of the cloud. Virtualization offers the promise of limitless resources, but how do you manage that scalability when your DevOps team doesn’t scale? In today’s hypercompetitive markets, fast results can make a difference between leading the pack vs. obsolescence. Organizations need more benefits from cloud computing than just raw resources. They need agility, flexibility, convenience, ROI, and control.

Stackato private Platform-as-a-Service technology from ActiveState extends your private cloud infrastructure by creating a private PaaS to provide on-demand availability, flexibility, control, and ultimately, faster time-to-market for your enterprise.

Learn More

Sponsored by ActiveState