1. Overview

The sticky bit is a special permission in Linux that affects directory access and plays an essential role in managing shared directories. It does so by preventing users from deleting or renaming files that don’t belong to them.

In this tutorial, we’ll understand how the sticky bit works in Linux. We’ll also learn why it’s crucial for system administrators who manage multi-user environments.

2. How Does the Sticky Bit Work?

Historically, the sticky bit was used to instruct the system to keep a program’s text segment in swap memory after its execution to speed up future runs of the same program. However, this usage has largely fallen out of favor as memory management has improved. Today, the sticky bit is primarily used with directories.

When applied to a directory, it allows us to create and modify our files within the directory while preventing them from being deleted or renamed by others, even if they have write permissions on the directory. This behavior is particularly useful in shared directories like /tmp.

When we set the sticky bit on a directory, it alters the way file deletion and renaming work within that directory. Normally, if a user has write access to a directory, they can delete or rename any file in it, regardless of who owns the file. The sticky bit changes this by restricting the deletion and renaming of files to only the file owner, the directory owner, or the root user.

This is particularly useful in multi-user environments to prevent accidental or malicious file deletions in shared directories.

3. Setting the Sticky Bit

To set the sticky bit on a directory, we use the chmod command. In octal notation, it’s represented by a leading 1 placed in front of the three regular permission digits. Let’s understand this by setting it on /shared.

Suppose we have a shared directory /shared, where multiple users can create files. To prevent users from deleting each other’s files, we can set the sticky bit on this directory:

$ sudo chmod +t /shared

Alternatively, we can use the octal representation to set the permissions, including the sticky bit, explicitly. Suppose we want to set the directory’s permissions to rwxrwxrwt (full permissions for the owner, group, and others, plus the sticky bit):

$ sudo chmod 1777 /shared

In the example above, the leading 1 represents the sticky bit, whereas each 7 represents read, write, and execute permissions for the owner, group, and others, respectively.

4. Checking if the Sticky Bit Is Set

We can check whether the sticky bit is set on a directory by using the ls -ld command. It’s denoted by a t in the directory’s permissions list:

$ ls -ld /tmp

The output might look like:

drwxrwxrwt 10 root root 4096 Sep 13 12:34 /tmp

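In this case, the t at the end of the permissions (drwxrwxrwt) indicates that the sticky bit is set. Without it, the final character would be a regular x (executable permission). An uppercase T in that position means the sticky bit is set but others don’t have execute permission on the directory.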

5. Practical Usage

Most commonly, we use the sticky bit on directories that are accessible by multiple users, such as:

  • /tmp: The sticky bit is set by default on the /tmp directory. This ensures users can only delete or rename their own files, even though the directory is world-writable.
  • Shared Directories: Suppose we create shared directories where multiple users need to collaborate. Setting the sticky bit becomes essential here, as we want to protect users’ files from being deleted or renamed by others. Whether others can modify a file’s contents still depends on that file’s own permissions.
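
A hardening check that follows from the two cases above, as an added example that is not part of the original article: it lists world-writable directories that lack the sticky bit and then applies chmod +t to them. The function names and the sample tree (dropbox, scratch, private) are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: audit world-writable directories that lack the sticky bit.

# Print every directory under $1 that is world-writable (o+w, mode bit 0002)
# but does not have the sticky bit (mode bit 1000).
# -xdev keeps the search on a single filesystem.
audit_sticky() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null
}

# Set the sticky bit (same effect as `chmod +t`) on each directory
# that audit_sticky would report.
fix_sticky() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 \
        -exec chmod +t {} + 2>/dev/null
}

# Build a constructed sample tree in a private temp directory and print its path.
make_sample_tree() {
    local root
    root=$(mktemp -d) || return 1
    mkdir "$root/dropbox" "$root/scratch" "$root/private"
    chmod 0777 "$root/dropbox"   # world-writable, no sticky bit: flagged
    chmod 1777 "$root/scratch"   # same mode as /tmp: passes
    chmod 0755 "$root/private"   # not world-writable: out of scope
    printf '%s\n' "$root"
}

demo() {
    local root
    root=$(make_sample_tree) || return 1
    echo "Before fix:"
    audit_sticky "$root"
    fix_sticky "$root"
    echo "After fix (no findings expected):"
    audit_sticky "$root"
    ls -ld "$root/dropbox"       # mode now ends in t
    rm -rf "$root"
}

demo
```

On a real system, we'd run audit_sticky against a path such as / or /var with sufficient privileges and review the findings before applying fix_sticky.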

6. Conclusion

In this article, we discussed the sticky bit as a simple yet powerful tool for managing file permissions in shared directories in Linux.

We learned how, by applying it, system administrators can control file deletion and renaming within directories, preventing users from accidentally or intentionally deleting files they don’t own. It proves to be a valuable feature, particularly in multi-user environments, where file security and integrity are critical.