No this isn't a perverted question...

I'm kind of embarrassed to admit this, but I obviously still have a lot to learn about *nix.

I've got my new system up and running. I converted all but / to reiserfs, but in moving stuff to the reiser partitions my permissions were set to 755 on the /tmp directory. It took me a while to realize that this was causing problems starting X as a user (hey I'm no expert), but I finally realized I had to set write access to /tmp for everybody.

I did a man chmod to read about the various flags. I had heard about sticky bits before, but to tell you the truth, I don't understand them that much.

I decided to chmod 777 /tmp, then a chmod +t /tmp. From my understanding, this means that everyone can write to the /tmp directory, but can only modify files they created or otherwise own. Otherwise, w/o the t bit, anyone with write access could modify anything.

Have I done this the proper way? It's only a desktop we're talking about, but I want to know the proper security.

IIRC, if a file has the sticky bit set any user that uses it asumes the ID of the original maker.
Dunno for sure tho.

I think you're referring to the +s bit which is setUID. But then again, what do I know b/c I'm the one asking the ?'s. :)

Sorry, I don't usually do the bumpage, but I'm curious about this one. :)

Here's a pretty good explanation from the Linux from Scratch manual:

Normally directories are created with permission mode 755, which isn't desired for all directories. I haven't checked the FHS if they suggest default modes for certain directories, so I'll just change the modes for a few directories that make sense to change. The first change is a mode 0750 for the $LFS/root directory. This is to make sure that not just everybody can enter the /root directory (the same you would do with /home/username directories). The second change is a mode 1777 for the tmp directories. This way every user can write stuff to the /tmp directory if they need to. The sticky (1) bit makes sure users can't delete other user's file which they normally can do because the directory is set in such a way that every body (owner, group, world) can write to that directory.


cd $LFS &&
chmod 0750 root &&
chmod 1777 tmp usr/tmp var/tmp

Thanks, it sounds like I actually had it right. :D

Actually the "s" bit and the "t" bit are different. "s" gives makes a directory or binary SUID, but "t" makes it sticky. Don't confuse them. :)