Thursday, June 2, 2016

[Quick Tips: Sticky Bits]: sticky bit permission explained Linux

sticky bit permission explained Linux

Think of a scenario where you create a Linux directory that can be used by all the users of the Linux system for creating files. Users can create, delete or rename files according to their convenience in this directory. For all those who think that why would such a directory be created? There exists, for example, /tmp directory in the Linux system that can be used by different Linux users to create temporary files.
Now, what if an user accidentally or deliberately deletes (or rename) a file created by some other user in this directory?
Well, to avoid these kind of issues, the concept of sticky bit is used.
A Sticky bit is a permission bit that is set on a file or a directory that lets only the owner of the file/directory or the root user to delete or rename the file. No other user is given privileges to delete the file created by some other user.
History of Sticky Bit
Before explaining the sticky bit further, lets discuss the history of sticky bit as this information is worth discussing.
The sticky bit is not a new concept. In fact, it was first introduced in in 1974 in the Unix operating system. The purpose of sticky bit back then was different. It was introduced to minimize the time delay introduced every time when a program is executed.
When a program is executed, it takes time to load the program into memory before the user can actually start using it. If a program, for example an editor is used frequently by users the the start-up time delay was an overhead back then.
To improve this time delay, the sticky bit was introduced. The OS checked that if sticky bit on an executable is ON, then the text segment of the executable was kept in the swap space. This made it easy to load back the executable into RAM when the program was run again thus minimizing the time delay.
Though this method proved successful in minimizing the start-up time delay but there was a major problem that surfaced due to this operation. The problem was that if some kind of patch was applied to the executable as a bug fix or a new feature then the following steps were to be carried to out :
  • First remove the sticky bit from the executable
  • Now, run the executable and exit it so that the existing text segment from the swap is flushed
  • Now, again set the sticky bit on the executable and re-run the executable so that new text segment is stored in swap memory
The above steps were required so that the program reflect the new features or bug fixes that were added to the executable.
So this was one of the main problems. Also, with the evolution of technology, fast memory access techniques evolved which kind of obsoleted the requirement of sticky bit for this purpose.
Sticky bit Examples
In this section, we will discuss how to set and unset sticky bit using some examples.
A basic example
Create a directory and provide all the users read-write-execute access to it :
[root@TechTutorial ~]# mkdir /arkit
[root@TechTutorial ~]# chmod 777 /arkit
[root@TechTutorial ~]# ls -l / |grep ark
drwxrwxrwx.   2 root root       6 Jan 15 22:52 arkit
[root@TechTutorial ~]# ls -ld /arkit/
drwxrwxrwt. 2 root root 6 Jan 15 22:52 /arkit/
the above ‘t’ is the symbol of sticky bit, when your apply an sticky bit the owner only can delete the file / directory. Lets see the practice example below
[root@TechTutorial ~]# cd /arkit/
[root@TechTutorial arkit]# touch techtutorial  <<-- Created a File
[root@TechTutorial arkit]# su - ravi
Last login: Thu Jan 14 21:26:06 IST 2016 on pts/0
[root@TechTutorial arkit]# su - ravi
Last login: Fri Jan 15 22:59:09 IST 2016 on pts/0
[ravi@TechTutorial ~]$ cd /arkit/
[ravi@TechTutorial arkit]$ rm -rf techtutorial  <<<-- Not able to Delete file ( it has full permissions )
rm: cannot remove ‘techtutorial’: Operation not permitted
[ravi@TechTutorial arkit]$ ls -l
total 0
-rwxrwxrwx. 1 root root 0 Jan 15 22:59 techtutorial
to apply sticky bit to file / directory we have to below command
[root@TechTutorial ~]# chmod +t /arkit/
That’s about sticky bit.
Conclusion:  Sticky bit is a security matters, whenever you apply an sticky bit to file / directory which can’t be deleted by other user.

No comments: