
sstrwxrwxrwx - Unix and Linux file permissions

Archive - Originally posted on "The Horse's Mouth" - 2008-11-23 08:16:18 - Graham Ellis

Have you ever wondered about those letters that turn up on the left of a long listing (ls -l) report? Here's an example:

drwxrwxrwt   8 root    wheel    272 17 Nov  2007 Shared
drwxr-xr-x  14 chris   ellis    476 29 Sep  2007 chrise
drwxr-xr-x 270 graham  ellis   9180 23 Nov 07:25 grahame
drwxr-xr-x  34 lisa    ellis   1156 27 Sep 06:44 lisae
drwxr-xr-x  29 trainee trainee  986  5 Sep 03:55 trainee
-rw-rw-r--   1 graham  ellis    294 23 Nov 07:41 uu
-rw-r-----   1 graham  ellis    922 21 Nov 08:45 wb
-rw-------   1 graham  ellis   5143 23 Nov 07:25 xx


They're split into two sections.

The first character is the type of symbol (ls literally means "list symbols") with d for directory, - for a plain file, l for a symbolic link - call it a short cut if you're from a Windows background.

The rest is displayed as 3 sets of three. The first group of three tells you what permissions the user (owner of a file or directory) has over it - that's r for readable, w for writable and x for executable. The second group of three is the permissions that anyone else in the group has, and the final set of three is for others.

The chmod command lets you change the settings - for example
  chmod g+w,o=r wb
would change
  -rw-r----x 1 graham ellis 922 21 Nov 08:45 wb
into
  -rw-rw-r-- 1 graham ellis 922 21 Nov 08:45 wb

If you wonder why a directory is often marked with an "x" ... I can tell you. It's because "x" means 'accessible' and not 'executable' for a directory - so you need to have the x set for things like cd and ls -l to work properly.

And did you notice the "t" in my top sample? There really should be 12 (and not 9) permission letters ... it should read sstrwxrwxrwx. But those extra letters, where necessary, are displayed "on top of" the "x".



What do they mean?

The two "s" letters stand for "set user id" and "set group id". Normally, when you run a program you're running it with your own permissions, but if the "s" bit is set you run it with the permissions of the owner of the file. If you want an example of a practical use of this, take the password changing program /bin/passwd; regular users cannot be allowed to directly read and write the file of passwords on their computer, but they can write back to it via the direct control of the passwd program. It is dangerous to set the s bit on a program of your own unless you are an expert, know what you are doing, and have considered the security implications!

The letter "t" usually turns up on directories rather than plain files these days, and indicates that the directory is to be an "append" directory. With a regular directory which has public write permissions (such as the one called Shared in my example at the top), anyone can create and delete ANY files there. With the "append" bit set, each file within the directory can ONLY be deleted by the owner of the file, the owner of the directory, and root. The effect of the "t" bit, then, is to provide a temporary / scratch area that anyone can use, without the different users of the area being able to interfere with each other.
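
As an added example (not part of the original post), this Python sketch decodes the 12 permission bits into the letters ls -l shows, including how s and t are displayed on top of the x, and flags the settings the last two paragraphs warn about. The function names and sample modes are constructed for illustration; the capital S / T case (special bit set without x) goes beyond what the post covers.

```python
import stat

def perm_string(mode):
    """Render the ls -l style string from a numeric st_mode."""
    if stat.S_ISDIR(mode):
        kind = "d"
    elif stat.S_ISLNK(mode):
        kind = "l"
    else:
        kind = "-"
    out = [kind]
    # (read bit, write bit, execute bit, special bit, letter shown over the x)
    triples = [
        (stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR, stat.S_ISUID, "s"),
        (stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP, stat.S_ISGID, "s"),
        (stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH, stat.S_ISVTX, "t"),
    ]
    for r, w, x, special, letter in triples:
        out.append("r" if mode & r else "-")
        out.append("w" if mode & w else "-")
        if mode & special:
            # lower case: x is also set; upper case: special bit without x
            out.append(letter if mode & x else letter.upper())
        else:
            out.append("x" if mode & x else "-")
    return "".join(out)

def review_flags(mode):
    """Return the points a reviewer would note for this mode."""
    flags = []
    if stat.S_ISREG(mode) and mode & stat.S_ISUID:
        flags.append("setuid file")
    if stat.S_ISREG(mode) and mode & stat.S_ISGID:
        flags.append("setgid file")
    if stat.S_ISDIR(mode) and mode & stat.S_IWOTH and not mode & stat.S_ISVTX:
        flags.append("world-writable directory without t")
    return flags

# Constructed sample modes (octal): file type bits plus the 12 permission bits.
SAMPLES = {
    "Shared": stat.S_IFDIR | 0o1777,
    "passwd-like": stat.S_IFREG | 0o4755,
    "open-dir": stat.S_IFDIR | 0o0777,
    "odd": stat.S_IFREG | 0o4644,
}

if __name__ == "__main__":
    for name, mode in SAMPLES.items():
        print(perm_string(mode), name, review_flags(mode))
```

To check real files, pass os.lstat(path).st_mode to the same two functions.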