# linux中的setuid、setgid以及sticky bit

November 3, 2018, 14:34:33

The setuid bit makes a program run with the privileges of the file's owner rather than those of the user who invoked it. The classic example is the passwd command, which changes passwords: /usr/bin/passwd is owned by root and has the setuid bit set, so it runs as root, and without that it could not write to /etc/passwd (or, on modern systems, /etc/shadow), which only root may modify. Every setuid-root program is therefore part of the system's attack surface, which is why it is worth knowing exactly which files carry the bit.
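As an added example (not code from the original post), the following POSIX shell functions decode the setuid, setgid and sticky bits from the mode string that `ls -ld` prints and enumerate the setuid-root programs on a system. The function names `special_bits` and `list_setuid_root` are my own. It also covers a detail the paragraph above does not mention: `ls` shows a capital `S` or `T` when the special bit is set but the corresponding execute bit is clear, a combination that is usually a misconfiguration.

```sh
#!/bin/sh
# Added example (not from the original post): decode the setuid, setgid and
# sticky bits from the mode string printed by `ls -ld`, and list setuid-root
# programs.  Only POSIX tools (ls, cut, find) are used.

# special_bits PATH
# Prints the special bits set on PATH as space-separated tokens:
#   setuid, setgid, sticky             bit set and the matching execute bit set
#                                      (ls shows s / t)
#   setuid(no-exec), setgid(no-exec),  bit set but the matching execute bit
#   sticky(no-exec)                    clear (ls shows S / T)
# Prints "none" when no special bit is set.
special_bits() {
    # The first 10 characters of `ls -ld` are the mode string, e.g. -rwsr-xr-x.
    # Some systems append '.' or '+' (SELinux / ACLs); positions 1-10 are stable.
    mode=$(ls -ld "$1" | cut -c1-10) || return 1
    out=""
    case $(printf '%s' "$mode" | cut -c4) in     # owner execute position
        s) out="${out:+$out }setuid" ;;
        S) out="${out:+$out }setuid(no-exec)" ;;
    esac
    case $(printf '%s' "$mode" | cut -c7) in     # group execute position
        s) out="${out:+$out }setgid" ;;
        S) out="${out:+$out }setgid(no-exec)" ;;
    esac
    case $(printf '%s' "$mode" | cut -c10) in    # other execute position
        t) out="${out:+$out }sticky" ;;
        T) out="${out:+$out }sticky(no-exec)" ;;
    esac
    if [ -n "$out" ]; then
        printf '%s\n' "$out"
    else
        printf 'none\n'
    fi
}

# list_setuid_root [ROOT]
# Enumerates regular files under ROOT (default /) that are setuid and owned by
# root: the programs that run as root for whoever is allowed to execute them.
# -xdev keeps find on one filesystem so /proc and network mounts are skipped.
list_setuid_root() {
    find "${1:-/}" -xdev -type f -perm -4000 -user root 2>/dev/null
}

# Usage when run directly:
#   special_bits /usr/bin/passwd    -> setuid
#   special_bits /tmp               -> sticky
#   list_setuid_root                -> one path per line
```

Run `list_setuid_root` on a fresh system and keep the output as a baseline; any new entry on a later run is either a package update or something worth investigating.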

## 2. Sticky bit

The following passage is quoted from Advanced Programming in the UNIX Environment (Stevens and Rago), from the section on the sticky bit.

The S_ISVTX bit has an interesting history. On versions of the UNIX System that predated demand paging, this bit was known as the sticky bit. If it was set for an executable program file, then the first time the program was executed, a copy of the program's text was saved in the swap area when the process terminated. (The text portion of a program is the machine instructions.) The program would then load into memory more quickly the next time it was executed, because the swap area was handled as a contiguous file, as compared to the possibly random location of data blocks in a normal UNIX file system. The sticky bit was often set for common application programs, such as the text editor and the passes of the C compiler. Naturally, there was a limit to the number of sticky files that could be contained in the swap area before running out of swap space, but it was a useful technique. The name sticky came about because the text portion of the file stuck around in the swap area until the system was rebooted. Later versions of the UNIX System referred to this as the saved-text bit; hence the constant S_ISVTX. With today's newer UNIX systems, most of which have a virtual memory system and a faster file system, the need for this technique has disappeared.

On contemporary systems, the use of the sticky bit has been extended. The Single UNIX Specification allows the sticky bit to be set for a directory. If the bit is set for a directory, a file in the directory can be removed or renamed only if the user has write permission for the directory and meets one of the following criteria:

1. Owns the file
2. Owns the directory
3. Is the superuser

The directories /tmp and /var/tmp are typical candidates for the sticky bit—they are directories in which any user can typically create files. The permissions for these two directories are often read, write, and execute for everyone (user, group, and other), which `ls -ld /tmp` shows as `drwxrwxrwt`, the trailing `t` being the sticky bit. But users should not be able to delete or rename files owned by others, and a world-writable directory without the sticky bit allows exactly that.
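As an added example (not code from the original post), the following POSIX shell functions audit a directory tree for the dangerous combination just described, a directory that everyone can write to but that lacks the sticky bit, and fix it. The function names are my own. The last function reports the Linux `fs.protected_*` sysctls, which add further rules for world-writable sticky directories on top of the delete/rename rule the text describes.

```sh
#!/bin/sh
# Added example (not from the original post): find world-writable directories
# that are missing the sticky bit, add the bit, and show the extra Linux
# protections that apply inside world-writable sticky directories.
# Only POSIX tools (find, chmod, cat) are used.

# world_writable_no_sticky ROOT
# Prints each directory under ROOT that is writable by "other" (o+w) but does
# not have the sticky bit: any user can delete or rename anyone's files there.
# /tmp and /var/tmp should never appear in this output.
world_writable_no_sticky() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 2>/dev/null
}

# world_writable_sticky ROOT
# The safe counterpart: world-writable directories that do carry the sticky bit.
world_writable_sticky() {
    find "$1" -xdev -type d -perm -0002 -perm -1000 2>/dev/null
}

# fix_world_writable_no_sticky ROOT
# Adds the sticky bit (chmod +t) to every offending directory under ROOT.
fix_world_writable_no_sticky() {
    world_writable_no_sticky "$1" | while IFS= read -r d; do
        chmod +t "$d"
    done
}

# sticky_hardening_status
# On Linux, fs.protected_symlinks, fs.protected_regular and fs.protected_fifos
# restrict following symlinks and opening files/FIFOs owned by other users
# inside world-writable sticky directories (the classic /tmp race defences);
# fs.protected_hardlinks is a related global rule.  A value of 0 means off.
sticky_hardening_status() {
    for s in protected_symlinks protected_hardlinks protected_regular protected_fifos; do
        if [ -r "/proc/sys/fs/$s" ]; then
            printf '%s=%s\n' "$s" "$(cat "/proc/sys/fs/$s")"
        fi
    done
}

# Usage when run directly:
#   world_writable_no_sticky /        -> directories that need chmod +t
#   fix_world_writable_no_sticky /    -> apply the fix
#   sticky_hardening_status           -> e.g. protected_symlinks=1
```

The sticky bit only governs unlink and rename; it does not stop another user from following a symlink you planted in /tmp or from opening a file you pre-created there, which is what the `fs.protected_*` sysctls are for. Run the audit with the fix only after reviewing the list, since some application spool directories are deliberately world-writable without the sticky bit.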
