简单介绍下linux权限中的s和t

最新推荐文章于 2025-05-29 10:00:16 发布

bamuta

最新推荐文章于 2025-05-29 10:00:16 发布

阅读量3.2k

点赞数

CC 4.0 BY-SA版权

分类专栏： Linux

本文链接：https://blog.youkuaiyun.com/bamuta/article/details/34453057

Linux 专栏收录该内容

36 篇文章

订阅专栏

本文介绍了Linux权限系统中的特殊模式，包括setuid、setgid和sticky位。setuid使得执行文件的进程可以获得文件所有者的用户ID，setgid则影响进程的组ID，并且在目录上应用时，新创建的文件和目录会继承该目录的组。sticky位在目录上使用时，限制了用户只能删除或移动自己拥有的文件，即使他们对目录有写权限。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

上一篇（http://blog.youkuaiyun.com/bamuta/article/details/34451371）关于权限备份恢复中出现了s，这一篇简单说明一下。

1.关于权限中带S的修改方法：

[oracle@OEL63 bin]$ chmod 6571 oracle
[oracle@OEL63 bin]$ ll oracle
-r-srws--x 1 oracle oinstall 232399083 Aug 22 2013 oracle

2.s和t简单介绍：

上例中的“6”生成了s权限，571和正常的权限没有区别。

第1位“6”所在位上的数字可以是0,1(--t),2(-s-),3(-st),4(s--),5(s-t),6(ss-),7(sst)

0表示不使用任何特殊权限.

具体的说明：

以下内容引用自：http://en.wikipedia.org/wiki/File_system_permissions#Changing_permission_behavior_with_setuid.2C_setgid.2C_and_sticky_bits

Three permission triads
first triad	what the owner can do
second triad	what the group members can do
third triad	what other users can do
Each triad
first character	`r`: readable
second character	`w`: writable
third character	`x`: executable `s` or `t`: executable and setuid/setgid/sticky `S` or `T`: setuid/setgid or sticky, but not executable

Changing permission behavior with setuid, setgid, and sticky bits[edit]

Unix-like systems typically employ three additional modes. These are actually attributes but are referred to as permissions or modes. These special modes are for a file or directory overall, not by a class.

The set user ID, setuid, or SUID mode. When a file with setuid is executed, the resulting process will assume the effective user ID given to the owner class. This enables users to be treated temporarily as root (or another user).
The set group ID, setgid, or SGID permission. When a file with setgid is executed, the resulting process will assume the group ID given to the group class. When setgid is applied to a directory, new files and directories created under that directory will inherit the group from that directory. (Default behaviour is to use the primary group of the effective user when setting the group of new files and directories.)
The sticky mode. (Also known as the Text mode.) The classical behaviour of the sticky bit on executable files has been to encourage the kernel to retain the resulting process image in memory beyond termination; however such use of the sticky bit is now restricted to only a minority of unix-like operating systems (HP-UX andUnixWare). On a directory, the sticky permission prevents users from renaming, moving or deleting contained files owned by users other than themselves, even if they have write permission to the directory. Only the directory owner and superuser are exempt from this.