jmason@gpu.utcs.utoronto.ca (Jamie Mason) (02/04/91)
A while back, I posted a message to this newsgroup asking what effect the Set-User-ID, Set-Group-ID and "Sticky" Bits have on "Inappropriate" files.

I asked what effect the SUID and SGID bits had on files which could not be rightly called 'executable' -- special files such as Block Devices, Character Devices, Symbolic Links, Named Pipes, Sockets and Directories.

I asked what effect the sticky bit had on files other than directories. (I knew that on directories, the sticky bit indicates that files in the directory cannot be deleted by unprivileged users... The rules of which are a bit long. But /tmp is a good example.) I asked what the sticky bit does on text files, executable files, and the special files mentioned above.

I asked for reply by Mail and promised a summary. So far, I have only received two replies, but it has been a long time, so I will summarize.

--------------------------------------------------
From: gordon@sneaky.lonestar.org (Gordon Burditt)
Date: Tue, 25 Dec 1990 17:39:00 -0500

The ORIGINAL use for the "sticky" bit was on executable files. It indicated that the text segment of the file should be kept loaded (in memory or swap space) in anticipation of the file being used again. This was a speedup hack, and the sticky bit was often applied to things like the shell and 'ls'. This may be somewhat obsoleted by systems with virtual memory, or maybe there's still a saving from not having to set up the file in memory again.

On some systems, the sticky bit on NON-executable files means that file locking should be mandatory instead of advisory. That is, a read() or write() may block if another process has the file locked.

[ About the Sticky Bit on special files ]

No use that I know of.

The set-uid or set-gid bit on directories can often be used as a "someone's been modifying my directory" flag, since on some systems it's reset when the directory is modified. It also annoys superusers who carefully keep track of unauthorized setuid programs with not-too-smart find commands.

--------------------------------------------------
From: p554mve@c1a.mpifr-bonn.mpg.de (Michael van Elst)
Date: Wed, 2 Jan 1991 13:35:29 -0500
Organization: Max-Planck-Institut fuer Radioastronomie, Bonn

Hello,

this won't be a complete answer but....

[ About Sticky Bit... ]

Nothing for regular files. The NFS server usually doesn't force inodes to be written to disk for these files which is used for NFS swapping.

[ ... on executables ]

The program (text segment) is forced to be left in virtual memory (swap space) after the process running the program has finished. Starting the program again will be faster.

Set-Group-ID is used in BSD4.3 (and maybe SVR4) to indicate that newly created files in this directory should inherit the group id of this directory instead of the group ID of the process. Some systems allow the reversal of this definition.

--------------------------------------------------

That's the summary. I thank the two people who contributed.

It would seem then that these bits have no meaning on certain types of files... Just as none of the bits of the mode have any real meaning on symbolic links. And why would one possibly make a file of mode 266, or any other mode where a permission is granted to GROUP or OTHER which is not granted to USER, or where a permission is granted to OTHER which is not granted to GROUP. And what is mode 000 for?? It seems that file modes are not logical, after all. :-)

Jamie ... "Who was that Masked Interrupt?"
Written On Monday, February 4, 1991 at 07:37:16am EST
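
The replies above note that the same three bits mean different things on different file types, and that a set-id bit on a directory trips up a naive setuid audit. The following is an added example, not part of the original thread: a Python sketch of an audit that interprets each bit by file type. The names classify and audit, the wording of the findings and the sample modes are this example's own.

```python
import os
import stat

ANY_EXEC = stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH
BITS = [(stat.S_ISUID, "setuid"), (stat.S_ISGID, "setgid"), (stat.S_ISVTX, "sticky")]

# Meanings on directories, as described in the replies summarized above.
DIR_MEANING = {
    "setuid": "review: not a privilege grant; effect is system-dependent",
    "setgid": "benign: new files inherit the directory's group",
    "sticky": "benign: restricted deletion, as on /tmp",
}

def classify(mode):
    """Return [(bit_name, meaning)] for the special bits set in one st_mode."""
    findings = []
    for flag, name in BITS:
        if not mode & flag:
            continue
        if stat.S_ISLNK(mode):
            meaning = "ignored: mode bits have no real meaning on symlinks"
        elif stat.S_ISDIR(mode):
            meaning = DIR_MEANING[name]
        elif not stat.S_ISREG(mode):
            meaning = "review: no known use on devices, pipes or sockets"
        elif name == "sticky":
            meaning = "informational: legacy or system-dependent, no privilege grant"
        elif mode & ANY_EXEC:
            meaning = "ALERT: executable runs with the file's " + (
                "owner id" if name == "setuid" else "group id")
        else:
            meaning = "review: set-id bit on a non-executable regular file"
        findings.append((name, meaning))
    return findings

def audit(root):
    """Walk root without following symlinks; yield (path, bit_name, meaning)."""
    paths = [root]
    for dirpath, dirnames, filenames in os.walk(root):
        paths.extend(os.path.join(dirpath, n) for n in dirnames + filenames)
    for path in paths:
        for name, meaning in classify(os.lstat(path).st_mode):
            yield path, name, meaning

if __name__ == "__main__":
    # Constructed sample modes (not taken from a real system).
    samples = {"su-like binary": stat.S_IFREG | 0o4755,
               "shared project dir": stat.S_IFDIR | 0o2775,
               "/tmp-like dir": stat.S_IFDIR | 0o1777}
    for label, mode in samples.items():
        print(label, stat.filemode(mode), classify(mode))
```

Only the ALERT lines correspond to a program that actually runs with someone else's id; the rest are there so that a set-gid project directory or a sticky /tmp does not drown them out.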
das@eplunix.UUCP (David Steffens) (02/05/91)
In article <1991Feb4.124123.25558@gpu.utcs.utoronto.ca>, jmason@gpu.utcs.utoronto.ca (Jamie Mason) says:
> ... And what is mode 000 for?? ...

Testing the error traps in programs that expect some file/directory to be always readable/writable.

--
David Allan Steffens | I believe in learning from past mistakes...
Eaton-Peabody Laboratory | ...but does a good education require so many?
Mass. Eye & Ear Infirmary, 243 Charles Street, Boston, MA 02114
{harvard,mit-eddie,think}!eplunix!das (617) 573-3748 (1400-1900h EST)