To set the sticky bit on a directory, why do the commands chmod 1777 and chmod 3777 both work?
2 Answers
     1          1          1       1   1   1   1   1   1   1   1   1
___________ __________ __________ ___ ___ ___ ___ ___ ___ ___ ___ ___
setUID bit  setGID bit sticky bit    user        group      others
Each number (also referred to as an octal because it is base 8) in that grouping represents 3 bits. If you turn it into binary it makes it a lot easier.
1 = 0 0 1
3 = 0 1 1
5 = 1 0 1
7 = 1 1 1
So if you did 1777, 3777, 5777, or 7777 you would set the sticky bit because the third column would be a 1. However, with 3777, 5777, and 7777 you are additionally setting other bits (SUID for the first column, and SGID for the second column).
Conversely, any other number in that spot (up to the maximum of 7) would not set the sticky bit because the last column wouldn't be a 1 or "on."
2 = 0 1 0
4 = 1 0 0
6 = 1 1 0
- +1 for a nice description of how octal numbers work and how it applies to the file permission bits. – user, Feb 8, 2013 at 14:44
- It's called "bitmask", and +1 also for explaining/showing how it can set and clear the Owner Group & Other columns. – Krista K, Dec 30, 2013 at 21:07
The permissions passed as an argument to chmod are specified as an octal value. Each numeral in the value represents three bits. If three numerals are given, you're setting the read, write and execute bits for the file's owner, group and others (everyone else). If four numerals are given, the leftmost number sets the setuid, setgid and sticky bits. Octal 1 sets the sticky bit. Octal 2 sets the setgid bit. Octal 2 + octal 1 is octal 3 which sets both the setgid bit and the sticky bit.
- Isn't it octal 2 | octal 1 rather than octal 2 + octal 1? The operations happen to have the same result in this case, but in general it's a bitwise or that matters, isn't it? – gerrit, Feb 8, 2013 at 9:06
- @gerrit Yes, in the general case you should be looking at the binary or operator. However, as you point out, in this case it works out to the same result, and plenty more people are familiar with addition. – user, Feb 8, 2013 at 14:44
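An added example, not part of the original answers: a small Python decoder for the leading octal digit of a chmod argument, using the standard `stat` module. It shows why 1777 and 3777 both set the sticky bit, and flags modes that set setuid or setgid along with it. The function names are made up for this illustration.

```python
import stat

# Special-permission bits carried by the leading octal digit, highest first.
SPECIAL_BITS = [
    (stat.S_ISUID, "setuid"),  # octal 4000
    (stat.S_ISGID, "setgid"),  # octal 2000
    (stat.S_ISVTX, "sticky"),  # octal 1000
]


def parse_mode(text):
    """Parse a 3- or 4-digit octal chmod argument such as '3777'."""
    if not 3 <= len(text) <= 4 or any(c not in "01234567" for c in text):
        raise ValueError(f"not an octal chmod mode: {text!r}")
    return int(text, 8)


def special_bits(mode):
    """Names of the special bits set in mode, each tested with bitwise AND."""
    return [name for bit, name in SPECIAL_BITS if mode & bit]


def describe(text):
    """Return (ls-style string for a directory, list of special bit names)."""
    mode = parse_mode(text)
    return stat.filemode(stat.S_IFDIR | mode), special_bits(mode)


def sets_more_than_sticky(text):
    """True if the mode sets the sticky bit together with setuid or setgid."""
    bits = special_bits(parse_mode(text))
    return "sticky" in bits and len(bits) > 1


if __name__ == "__main__":
    # Constructed sample arguments covering the cases discussed above.
    for arg in ("0777", "1777", "2777", "3777", "5777", "7777"):
        ls_string, bits = describe(arg)
        note = "  <- sets more than the sticky bit" if sets_more_than_sticky(arg) else ""
        print(f"chmod {arg}: {ls_string} {bits}{note}")
```

In the `ls -l` style string, a trailing `t` marks the sticky bit and an `s` in the group triplet marks setgid, so 3777 shows both.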
passwd binary were world-writable, you wouldn't be able to get root access by modifying it, as you say, but you could replace it with some other binary that everyone would run thereafter, thinking it was passwd.