Wednesday, February 6, 2008

Meanings of four digits in *Nix permissions

SUID or setuid: change user ID on execution. If the setuid bit is set, then when a user executes the file, the process has the same rights as the owner of the file being executed.
When set, it replaces the "x" in the owner permissions with "s" if the owner has execute permission, or with "S" otherwise.

SGID or setgid: change group ID on execution. Same as above, but the process gets the rights of the group that owns the file. On a directory it may also mean that a new file created in the directory inherits the group of the directory (and not the group of the user who created the file).
When set, it replaces the "x" in the group permissions with "s" if the group has execute permission, or with "S" otherwise.


Sticky bit. It was originally used to make a process "stick" in memory after it finished; that usage is now obsolete. Its current meaning is system dependent, and it is mostly used to prevent deletion of files that belong to other users in a folder where you have "write" access.
When set, it replaces the "x" in the others permissions with "t" if others have execute permission, or with "T" otherwise.


setuid, setgid, sticky bits are cleared
chmod 0777 test.txt = -rwxrwxrwx test.txt
chmod 0666 test.txt = -rw-rw-rw- test.txt

sticky bit is set
chmod 1777 test.txt = -rwxrwxrwt test.txt
chmod 1666 test.txt = -rw-rw-rwT test.txt

setgid bit is set
chmod 2777 test.txt = -rwxrwsrwx test.txt
chmod 2666 test.txt = -rw-rwSrw- test.txt

setgid and sticky bits are set
chmod 3777 test.txt = -rwxrwsrwt test.txt

setuid bit is set
chmod 4777 test.txt = -rwsrwxrwx test.txt
chmod 4666 test.txt = -rwSrw-rw- test.txt

setuid and sticky bits are set
chmod 5777 test.txt = -rwsrwxrwt test.txt

setuid and setgid bits are set
chmod 6777 test.txt = -rwsrwsrwx test.txt

setuid, setgid, sticky bits are set
chmod 7777 test.txt = -rwsrwsrwt test.txt
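
The mapping in the list above can be computed directly from the four octal digits. The following POSIX shell sketch is an added example, not part of the original post; the function names triplet, mode_to_string and needs_review are hypothetical, and needs_review goes one step beyond the post by flagging setuid/setgid modes that are also writable by group or others.

```shell
#!/bin/sh
# Added example: render a four-digit octal mode as ls -l shows it for a
# regular file. All function names here are hypothetical helpers.

# triplet BITS SPECIAL LOWER UPPER: one rwx group; SPECIAL != 0 means the
# setuid/setgid/sticky bit for this group is set.
triplet() {
    t=
    if [ $(( $1 & 4 )) -ne 0 ]; then t="${t}r"; else t="${t}-"; fi
    if [ $(( $1 & 2 )) -ne 0 ]; then t="${t}w"; else t="${t}-"; fi
    if [ "$2" -ne 0 ]; then
        # special bit set: lowercase with execute, uppercase without
        if [ $(( $1 & 1 )) -ne 0 ]; then t="${t}$3"; else t="${t}$4"; fi
    else
        if [ $(( $1 & 1 )) -ne 0 ]; then t="${t}x"; else t="${t}-"; fi
    fi
    printf '%s' "$t"
}

# mode_to_string MODE: MODE must be exactly four octal digits, e.g. 4755.
# The body runs in a subshell so its variables do not leak to the caller.
mode_to_string() (
    case $1 in
        [0-7][0-7][0-7][0-7]) ;;
        *) echo "invalid mode: $1" >&2; exit 1 ;;
    esac
    n=$((0$1))                       # leading 0 makes the constant octal
    u=$(triplet $(( (n >> 6) & 7 )) $(( n & 04000 )) s S)   # setuid
    g=$(triplet $(( (n >> 3) & 7 )) $(( n & 02000 )) s S)   # setgid
    o=$(triplet $(( n & 7 ))        $(( n & 01000 )) t T)   # sticky
    printf '%s\n' "-$u$g$o"
)

# needs_review MODE: succeeds when setuid or setgid is combined with
# group- or world-write permission (e.g. 4777), a mode worth auditing.
needs_review() {
    case $1 in [0-7][0-7][0-7][0-7]) ;; *) return 2 ;; esac
    [ $(( 0$1 & 06000 )) -ne 0 ] && [ $(( 0$1 & 022 )) -ne 0 ]
}

# Constructed sample modes taken from the list above.
for m in 0777 1666 2666 4666 7777; do
    printf 'chmod %s test.txt = %s\n' "$m" "$(mode_to_string "$m")"
done
```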