What Is Sticky Bit In Linux – SUID Bit Permission Security

Setting the sticky bit on a directory restricts deletion of a file to that file’s owner (plus the directory owner and root). If you have ever wondered what is sticky bit in Linux, this simple permission flag is a security feature that prevents users from deleting files they do not own, even when they have write access to the directory. It is commonly used on shared directories like /tmp to keep things orderly and safe.

When you set the sticky bit, only the root user, the directory owner, and the file owner can delete or rename files inside that directory. Other users can still create, read, and modify files they own, but they cannot touch anyone else’s files. This is a lifesaver on multi-user systems where you want collaboration without chaos.

In this article, we will break down everything you need to know about the sticky bit. You will learn how it works, how to set it, and when to use it. By the end, you will be confident applying this permission to your own Linux directories.

What Is Sticky Bit In Linux

The sticky bit is a special permission flag in Linux that changes how files and directories behave. Originally, it was used to keep executable programs in memory after they finished running, but modern Linux uses it almost exclusively for directories.

When applied to a directory, the sticky bit ensures that only the file owner, the directory owner, or the root user can delete or rename files inside it. Other users with write permission on the directory cannot remove files they do not own. This is the core answer to what is sticky bit in Linux.

You can spot the sticky bit by looking at the directory’s permissions. Instead of the usual x in the “others” execute position, you will see a t. For example, drwxrwxrwt indicates the sticky bit is set. If the t is lowercase, the execute bit is also set. If it is uppercase T, the execute bit is missing.

How The Sticky Bit Appears In Permissions

When you run ls -l on a directory with the sticky bit, the last character of the permission string changes. Here is a quick breakdown:

  • drwxrwxrwt – sticky bit set, execute permission for others is on
  • drwxrwxr-T – sticky bit set, execute permission for others is off
  • drwxrwxrwx – no sticky bit, normal permissions

The t or T replaces the usual x or - in the last position. This is your visual cue that the sticky bit is active.

Why Use The Sticky Bit

The sticky bit solves a common problem on shared systems. Imagine a directory where multiple users have write access. Without the sticky bit, any user could delete or rename files belonging to others. This can lead to accidental data loss or malicious tampering.

By setting the sticky bit, you give users the freedom to create and edit their own files while protecting everyone else’s work. It is a simple but powerful way to maintain order in shared spaces.

Common Use Cases

  • Shared temporary directories: The /tmp directory on most Linux systems has the sticky bit set. Any user can create files there, but only they can delete them.
  • Collaborative project folders: Teams working on shared servers can use the sticky bit to prevent accidental deletions.
  • Upload directories for web applications: If users upload files to a shared folder, the sticky bit stops one user from removing another’s uploads.

How To Set The Sticky Bit

Setting the sticky bit is straightforward. You can use either the chmod command with octal notation or symbolic mode. Both methods work the same way.

Using Symbolic Mode

To set the sticky bit on a directory, run:

chmod +t /path/to/directory

For example, to set it on a folder called shared in your home directory:

chmod +t ~/shared

To remove the sticky bit, use chmod -t.

Using Octal Notation

The sticky bit is represented by the value 1000 in octal permissions. You add this to the existing permission set. For example, to give full read, write, and execute permissions to everyone and set the sticky bit:

chmod 1777 /path/to/directory

The 1 before the usual three-digit permission number adds the sticky bit. Here are some common examples:

  • chmod 1777 – full permissions for everyone with sticky bit
  • chmod 1755 – read and execute for everyone, write for owner, with sticky bit
  • chmod 1000 – only the sticky bit, no other permissions
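As an added example that is not part of the original article, the following POSIX shell function turns an octal mode such as 1777 or 2775 into the nine-character string that ls -l prints, applying the t/T rule described in the permission section and the same lowercase/uppercase rule for the s/S letters of setuid and setgid:

```shell
#!/bin/sh
# mode_to_string MODE: render an octal mode (1777, 2775, 755, ...) as the
# nine-character permission string shown by ls -l. In each execute slot a
# special bit is shown as a letter: s (setuid/setgid) or t (sticky).
# Lowercase means the execute bit is also set; uppercase (S or T) means
# the special bit is set but execute is not.
mode_to_string() {
    m=$((0$1))   # leading 0 makes the shell parse the argument as octal
    out=""
    # For each rwx triple: bit position of its x bit, bit position of the
    # special bit displayed in that slot, and the lower/upper-case letters.
    for spec in "6 11 s S" "3 10 s S" "0 9 t T"; do
        set -- $spec
        xpos=$1; spos=$2; lower=$3; upper=$4
        if [ $(( (m >> (xpos + 2)) & 1 )) -eq 1 ]; then out="${out}r"; else out="${out}-"; fi
        if [ $(( (m >> (xpos + 1)) & 1 )) -eq 1 ]; then out="${out}w"; else out="${out}-"; fi
        x=$(( (m >> xpos) & 1 ))
        special=$(( (m >> spos) & 1 ))
        if [ "$special" -eq 1 ] && [ "$x" -eq 1 ]; then
            out="${out}${lower}"      # e.g. rwt: sticky bit plus execute
        elif [ "$special" -eq 1 ]; then
            out="${out}${upper}"      # e.g. r-T: sticky bit without execute
        elif [ "$x" -eq 1 ]; then
            out="${out}x"
        else
            out="${out}-"
        fi
    done
    printf '%s\n' "$out"
}

# Constructed sample modes, including the article's own octal examples.
for mode in 1777 1774 0777 1755 1000 2775 4755 3770; do
    printf 'chmod %s -> d%s\n' "$mode" "$(mode_to_string "$mode")"
done
```

Feeding the function the octal mode from stat lets a script print the same t/T cue that ls shows without parsing ls output.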

Checking If The Sticky Bit Is Set

Use the ls -ld command to view the permissions of a directory:

ls -ld /tmp

You will see output like drwxrwxrwt. The t at the end confirms the sticky bit is active.

How The Sticky Bit Works In Practice

Let us walk through a real-world example. Suppose you have a directory /projects with permissions 777 (full access for everyone). Two users, Alice and Bob, both have write access. Without the sticky bit, Alice could delete Bob’s files. This is risky.

Now set the sticky bit on /projects:

chmod +t /projects

Now Alice can create and edit her own files, but if she tries to delete a file owned by Bob, she gets a “Permission denied” error. Only Bob or root can delete Bob’s files. This is the sticky bit in action.

What The Sticky Bit Does Not Do

It is important to understand the limits of the sticky bit. It does not prevent users from reading or modifying files they do not own. If a file has read permission for others, anyone can view its contents. The sticky bit only controls deletion and renaming.

Also, the sticky bit does not affect the root user. Root can always delete any file, regardless of permissions. This is a fundamental rule of Linux security.

Sticky Bit Vs Other Special Permissions

Linux has three special permissions: setuid, setgid, and the sticky bit. Each serves a different purpose. Here is a quick comparison:

  • Setuid (SUID): When set on an executable, it runs with the permissions of the file owner, not the user who runs it.
  • Setgid (SGID): On a directory, new files inherit the group of the directory. On an executable, it runs with the group of the file.
  • Sticky bit: On a directory, it restricts deletion to file owners.

You can combine these permissions. For example, a directory might have both SGID and the sticky bit set. This is common in team collaboration folders.

When Not To Use The Sticky Bit

The sticky bit is not always the right choice. If you want to completely control who can write to a directory, use standard Unix permissions instead. The sticky bit is only useful when multiple users need write access but should not delete each other’s files.

Avoid using the sticky bit on directories where you want users to manage files collectively. For example, a shared dropbox where anyone can delete outdated files should not have the sticky bit.

How To Remove The Sticky Bit

Removing the sticky bit is as easy as setting it. Use the symbolic mode with a minus sign:

chmod -t /path/to/directory

Or use octal notation without the 1000 value. For example, if the directory currently has 1777, change it to 0777:

chmod 0777 /path/to/directory

After removal, any user with write permission can delete files owned by others. Be careful when doing this on shared directories.

Sticky Bit On Files

While the sticky bit is primarily used on directories, it can technically be set on files. However, modern Linux kernels ignore it for regular files. The historical use was to keep executable programs in memory, but that behavior is obsolete.

If you set the sticky bit on a file, it has no practical effect. You will not see any change in how the file behaves. Stick to using it on directories for real security benefits.

Real World Example: The /tmp Directory

Every Linux system has a /tmp directory with the sticky bit set. Check it yourself:

ls -ld /tmp

You will likely see drwxrwxrwt. This means any user can create files in /tmp, but only the file owner can delete them. This prevents one user from filling the directory and then deleting another user’s temporary files.

Without the sticky bit, /tmp would be a mess. Users could accidentally or maliciously wipe out each other’s data. The sticky bit keeps it functional for everyone.

Common Mistakes And Troubleshooting

Here are a few pitfalls to watch out for when working with the sticky bit:

  • Forgetting to set execute permission: If the directory lacks execute permission for others, the sticky bit shows as T instead of t. Users cannot access the directory at all, so the sticky bit becomes irrelevant.
  • Thinking it protects files from modification: The sticky bit only prevents deletion and renaming. Users can still overwrite file contents if they have write permission on the file itself.
  • Assuming it applies recursively: The sticky bit only affects the directory it is set on, not its subdirectories. You must set it on each directory individually if needed.

Best Practices For Using The Sticky Bit

Follow these guidelines to get the most out of the sticky bit:

  1. Always set the sticky bit on shared writable directories like /tmp and /var/tmp.
  2. Combine the sticky bit with SGID to ensure new files inherit the correct group.
  3. Use the sticky bit on project directories where multiple users contribute files.
  4. Regularly audit directories with the sticky bit to ensure permissions are still appropriate.
  5. Document your permission setup so other admins understand why the sticky bit is used.
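As an added example, not part of the original article, this shell snippet implements the audit from item 4: it lists directories that are world-writable but lack the sticky bit, and can repair them with chmod +t as described earlier. The small directory tree it builds under mktemp is constructed for the demonstration.

```shell
#!/bin/sh
# audit_world_writable ROOT: list directories under ROOT that any user can
# write to but that lack the sticky bit. In such a directory any user can
# delete or rename other users' files, which is exactly the condition the
# sticky bit exists to prevent.
audit_world_writable() {
    # -perm -0002: write bit set for others; ! -perm -1000: no sticky bit.
    # -xdev stays on one filesystem, so network mounts are reviewed separately.
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 2>/dev/null
}

# remediate_world_writable ROOT: add the sticky bit to every directory the
# audit reports. Existing rwx bits are untouched (chmod +t only adds the t).
remediate_world_writable() {
    audit_world_writable "$1" | while IFS= read -r dir; do
        chmod +t "$dir"
    done
}

# make_sample_tree: build a constructed test tree and print its path.
make_sample_tree() {
    root=$(mktemp -d)
    mkdir "$root/shared_ok" "$root/shared_bad" "$root/private"
    chmod 1777 "$root/shared_ok"   # world-writable with sticky bit: passes
    chmod 0777 "$root/shared_bad"  # world-writable, no sticky bit: reported
    chmod 0750 "$root/private"     # not world-writable: ignored
    printf '%s\n' "$root"
}

# Example run on the constructed tree: only shared_bad is reported.
sample=$(make_sample_tree)
audit_world_writable "$sample"
rm -rf "$sample"
```

Run audit_world_writable against / (or each local mount point) to review a real system; review the list before remediating, since some directories are intentionally left without the sticky bit.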

Security Considerations

The sticky bit is a security feature, but it is not foolproof. Remember that root can always bypass it. Also, users can still read and modify files they do not own if file permissions allow it.

For stronger security, combine the sticky bit with proper file ownership and restrictive permissions. For example, set a directory to 1770: the leading 1 sets the sticky bit, and 770 limits access to the owner and a specific group, so other users cannot enter the directory at all.

Do not rely solely on the sticky bit to protect sensitive data. It is a tool for convenience and basic order, not a replacement for access control lists (ACLs) or encryption.

How To View Sticky Bit In Scripts

If you need to check the sticky bit programmatically, use the shell’s -k test, the stat command, or parse the output of ls. Here is a simple bash example using the -k test:

if [ -k /path/to/directory ]; then
    echo "Sticky bit is set"
else
    echo "Sticky bit is not set"
fi

The -k test operator checks for the sticky bit. This is useful in scripts that manage shared directories.

Sticky Bit On Different Filesystems

Most Linux filesystems support the sticky bit, including ext4, XFS, Btrfs, and ZFS. However, some network filesystems like NFS may have limitations. If you mount a remote directory, check whether the sticky bit is honored.

On NFS, the sticky bit works as long as the server supports it. The client sees the permission flag and enforces it locally. But if the server does not enforce it, the protection is weak.

Frequently Asked Questions

What Is The Sticky Bit In Linux Used For?

The sticky bit is used on directories to prevent users from deleting or renaming files they do not own. It is commonly set on shared directories like /tmp.

How Do I Set The Sticky Bit In Linux?

Use the command chmod +t /path/to/directory to set it, or use octal notation like chmod 1777. Check it with ls -ld.

Does The Sticky Bit Affect File Permissions?

No, the sticky bit only affects deletion and renaming of files within a directory. It does not change read, write, or execute permissions on files.

Can Root Delete Files In A Sticky Bit Directory?

Yes, root can always delete any file regardless of the sticky bit. The sticky bit only restricts regular users.

What Is The Difference Between Sticky Bit And Setgid?

The sticky bit prevents deletion of files by non-owners. Setgid on a directory makes new files inherit the directory’s group. They serve different purposes and can be used together.

Conclusion

Now you know what is sticky bit in Linux and how to use it effectively. This simple permission flag is a powerful tool for managing shared directories. It keeps multi-user environments organized and prevents accidental or malicious file deletions.

Remember to set the sticky bit on any directory where multiple users need write access but should not delete each other’s files. Check it with ls -ld and remove it when no longer needed. With this knowledge, you can make your Linux system more secure and user-friendly.

Go ahead and experiment with the sticky bit on a test directory. You will quickly see how it changes the behavior of shared spaces. It is one of those small features that makes a big difference in everyday Linux administration.