File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Linux / UNIX and the fly likes permissions: meaning of s vs. x? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Linux / UNIX
Bookmark "permissions: meaning of s vs. x?" Watch "permissions: meaning of s vs. x?" New topic

permissions: meaning of s vs. x?

Jim Yingst

Joined: Jan 30, 2000
Posts: 18671
I'm executing ls -l and seeing output like

I'm wondering about the symbols on the lesf side. I'm used to seeing d for directory, and rwx for read, write, execute permission for owner, group, and world. But what's the s for? Some (most) directories I see have x in that position, while a few have s instead. What's that about? Unfortunately "man ls" isn't telling me much about this so far, so any help is appreciated.

"I'm not back." - Bill Harding, Twister
Ernest Friedman-Hill
author and iconoclast

Joined: Jul 08, 2003
Posts: 24199

"s", like "x", means something different for directories and regular files.

For files, "x" means "executable" of course. For directories, it means "searchable." Without "x" permission on a directory, you can't set it to be your current directory, or get any of the file information like size, permissions, or inode number, so that you effectively can't access any of the files. If a directory has no "r" permission, you can't get a listing, but if you know a file is there, you can still access the file.

Now "s", for files, means "setuid exec." If a file has s permission, then it's executable, and furthermore, the user id and/or group id of the process is set to the user or group id of the owner of the file, depending on whether it's the user or group "s" that's set. This is a way to give limited root powers to a user -- a program that runs as root when an ordinary user executes it. For example, the "passwd" program, which can change otherwise write-protected files on behalf of a user, works this way: it's owned by the "bin" group (generally) and has g+s so that it can write to /etc/passwd and/or /etc/opasswd which are also owned by group "bin."

For directories, "s" means "sticky". If a directory has "s", then the owner and/or group of any files put into the directory are set to the owner/group of the directory. This is often used on CVS repositories, so that the files in the repository end up all owned by the same person and/or group, even though they're put in by different people. I use g+s on all the CVS repositories I set up.

[Jess in Action][AskingGoodQuestions]
Jim Yingst

Joined: Jan 30, 2000
Posts: 18671
Thank you, that covers it quite well I believe.
I agree. Here's the link:
subject: permissions: meaning of s vs. x?
It's not a secret anymore!