On Wed, 29 Nov 2000, Andrew Bacchi wrote:
> Can someone point me to documentation on the web or elsewhere for setting
> the permissions using the sticky bit settings.
An explanation is available here:
http://www.linuxdoc.org/HOWTO/Security-HOWTO-5.html#ss5.2
I, however, consider that explanation to be too brief. Here is my own
explanation of the "special bits" of a Unix file mode:
SUID (Set User ID)
chmod u+s filename
When set on an executable file, the process will take on the UID of the file
owner when run. This is often used to allow unprivileged users to run
selected programs with special privileges. For example, the "passwd" command
is owned by "root" and SUID. When a regular user invokes it, the "passwd"
program is actually run with the permissions of the "root" user. (This is
needed because only "root" can modify the password database.)
When set on a non-executable file, does nothing.
When set on a directory, does nothing.
SGID (Set Group ID)
chmod g+s filename
For executable files, functions like SUID (see above), except for groups and
group owners instead of users and user owners.
When set on a non-executable file, marks the file for mandatory file
locking.
When set on a directory, causes items created under that directory to be
owned by the group owner of the directory (rather then the primary group of
the creator). Directories being created get the SGID bit set as well; new
directories "inherit" SGID.
SVTX (Save Text AKA "sticky")
chmod +t filename
When set on an executable file, causes the program "text" (read-only
segments) to be saved in memory and/or swap between executions. Intended to
be used on frequently-used programs, so the system would not have to load them
into memory for each invocation. Improvements in computer technology have
made this feature largely obsolete.
When set on a non-executable file, does nothing.
When set on a directory, prevents users from deleting files they do not own
from that directory. Used on /tmp, for example.
> I need to set permissions on dirs and keep the file within as the same
> owner and group as the dir.
For the user owner, this cannot be done.
To cause created files to get the same group owner as the directory's group
owner, do "chmod g+s dir".
What are you trying to do?
--
Ben Scott <[EMAIL PROTECTED]>
Net Technologies, Inc. <http://www.ntisys.com>
Voice: (800)905-3049 x18 Fax: (978)499-7839
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
