Unix File Permission – Meaning of the First Digit in 4-Digit Octal Notation

permissionsunix

3-digit:

644
ugo (user group other)

4-digit:

0644
?ugo (??? user group other)

What is the first octal digit for in 4-digit octal Unix file permission notation?

Best Answer

From man chmod:

A numeric mode is from one to four octal digits (0-7), derived by adding up the bits with values 4, 2, and 1. Any omitted digits are assumed to be leading zeros. The first digit selects the set user ID (4) and set group ID (2) and sticky (1) attributes.

What are "set user ID", "set group ID", and "sticky", you ask?

setuid/setgid:

setuid and setgid (short for "set user ID upon execution" and "set group ID upon execution", respectively) are Unix access rights flags that allow users to run an executable with the permissions of the executable's owner or group. They are often used to allow users on a computer system to run programs with temporarily elevated privileges in order to perform a specific task. While the assumed user id or group id privileges provided are not always elevated, at a minimum they are specific.

Also, when applied to a directory, the setuid/setgid cause new files created in the directory to inherit the uid or gid, respectively, of the parent directory. This behavior varies based upon the flavor of unix. For example, linux honors the setgid, but ignores the setuid on directories.

And sticky:

The most common use of the sticky bit today is on directories. When the sticky bit is set, only the item's owner, the directory's owner, or the superuser can rename or delete files. Without the sticky bit set, any user with write and execute permissions for the directory can rename or delete contained files, regardless of owner. Typically this is set on the /tmp directory to prevent ordinary users from deleting or moving other users' files.

Related Solutions

What is the Sticky Bit in UNIX File Systems and When to Use It

Its original use was to provide a hint to the OS that the executable should be cached in memory so it would load faster. This use has mostly been deprecated as OSes are pretty smart about this sort of thing now. In fact, I think now some OSes use it as a hint that the executable shouldn’t be cached.

The most common use today is to create a directory in which anyone can create a file, but only the owner of a file in that directory can delete it. Traditionally, if you have a directory that anyone can write to, anyone can also delete a file from it. setting the sticky bit on a directory makes it so only the owner of a file can delete the file from a world-writeable directory.

The classic use of this is the /tmp directory:

$ ls -ld /tmp
drwxrwxrwt   29 root     root         5120 May 20 09:15 /tmp/

The t in the mode there is the sticky bit. If that wasn’t set, it would be pretty easy for a regular user to cause havoc by deleting everything from /tmp. Since lots of daemons put sockets in /tmp, it would essentially be a local DOS.

Linux – Setting up svn manually for the first time – Permission denied – txn-current-lock

check under which user svnserve runs

ps faux|grep svnserve

and then change ownership of subversion repository directory [ not your local copy of it! ] so it's owned by user you found out in fist step

chown user: -R /some/path/to/svn/repo

btw - i do suggest you make your repository available via http / libapache2-svn. you'll gain more standardized access method and ability to have fine-grained access control. if you go that way - change ownership of the repository to www-data [ or other user under which apache runs ].

Best Answer

Related Solutions

What is the Sticky Bit in UNIX File Systems and When to Use It

Linux – Setting up svn manually for the first time – Permission denied – txn-current-lock

Related Topic