22.6 Protecting Files with the Sticky Bit
UNIX directory access permissions say that if a user has write permission on a directory, she can rename or remove files there–even files that don't belong to her (see article 22.11 ). Many newer versions of UNIX have a way to stop that. The owner of a directory can set its sticky bit ( mode ( 1.23 ) 1000). The only people who can rename or remove any file in that directory are the file's owner, the directory's owner, and the superuser.
Here's an example: the user
makes a world-writable
directory and sets the sticky bit (shown as
Other people create files in it. When jennifer tries to remove a file that belongs to ellie , she can't: