Sachin Patil

Free Software Developer | GNU Emacs Hacker

Sticky bits
Published on Dec 14, 2015 by Sachin.

Sticky bits explained

Introduction

  • It is actually used to set setuid and setgid.
  • setuid allows users to run an executable with the permissions of the file owner.
  • setgid allows users in the group to run an executable with the permissions of the file owner's group.
  • They are used to prevent other users from altering files or directories in a common workspace such as /var/share or /tmp.
  • The t bit (+t) is used to protect files within a directory. This is also called the restricted deletion flag.

    Usage

    chmod +t /var/share
    
  • In some cases you want every user to be able to execute a particular binary while keeping the file's ownership to yourself. Suppose the file is /usr/bin/bin2hex.

    In such a situation the sticky bit is handy:

    chmod +s /usr/bin/bin2hex
    

    This sets both setuid and setgid; if you want finer control, use u+s or g+s.

    Example: setuid ONLY

    chmod u+s /usr/bin/bin2hex
    

    Example: setgid ONLY

    chmod g+s /usr/bin/bin2hex
    

    You can remove them again with u-s and g-s.

  • Numeric (octal) form of the restricted deletion flag

    chmod +t /var/share
    # is equivalent to (for a directory whose mode is already 755)
    chmod 1755 /var/share
    

    We can also set both setuid and the restricted deletion flag:

    chmod 5755 /var/share
    # is equivalent to (for a directory whose mode is already 755)
    chmod u+s,+t /var/share
    

Explanation

Let's say the permission on a file is 5755.

Let's break it into 5 and 755:

5 = 4 (setuid or +s) + 1 (restrict file deletion flag or +t)

755 is rwx r-x r-x (owner, group, others)

Another example

7755 can be broken into 7 and 755:

7 = 4 (setuid) + 2 (setgid) + 1 (restrict file deletion bit)
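The octal breakdown above, carried through as a small script that maps any chmod-style mode back to the ls permission string and names its special bits. This is an added example, not code from the post; it is plain POSIX sh and also covers a case the post does not mention, a special bit set on a slot without execute (which ls shows as S or T).

```shell
#!/bin/sh
# Added example: decode a chmod octal mode such as 5755 into rwsr-xr-t.
# Leading digit: 4 = setuid (u+s), 2 = setgid (g+s), 1 = restricted deletion (+t).

# triad DIGIT FLAG LOWER UPPER: render one rwx group. When FLAG is non-zero the
# special bit for this group occupies the x slot: LOWER (s/t) if execute is
# also set, UPPER (S/T) if it is not (setuid on a file nobody can execute).
triad() {
    r=-; w=-; x=-
    if [ $(( $1 & 4 )) -ne 0 ]; then r=r; fi
    if [ $(( $1 & 2 )) -ne 0 ]; then w=w; fi
    if [ $(( $1 & 1 )) -ne 0 ]; then x=x; fi
    if [ "$2" -ne 0 ]; then
        if [ "$x" = x ]; then x=$3; else x=$4; fi
    fi
    printf '%s%s%s' "$r" "$w" "$x"
}

# mode_to_symbolic MODE: MODE is 3 or 4 octal digits exactly as given to chmod.
mode_to_symbolic() {
    mode=$1
    while [ ${#mode} -lt 4 ]; do mode=0$mode; done   # 755 -> 0755
    special=${mode%???}                              # 5755 -> 5
    rest=${mode#?}                                   # 5755 -> 755
    u=${rest%??}; g=${rest#?}; g=${g%?}; o=${rest#??}
    printf '%s%s%s\n' \
        "$(triad "$u" $(( special & 4 )) s S)" \
        "$(triad "$g" $(( special & 2 )) s S)" \
        "$(triad "$o" $(( special & 1 )) t T)"
}

# special_bits MODE: name the special bits, e.g. 7755 -> "setuid setgid sticky".
special_bits() {
    mode=$1
    while [ ${#mode} -lt 4 ]; do mode=0$mode; done
    special=${mode%???}
    names=""
    if [ $(( special & 4 )) -ne 0 ]; then names="$names setuid"; fi
    if [ $(( special & 2 )) -ne 0 ]; then names="$names setgid"; fi
    if [ $(( special & 1 )) -ne 0 ]; then names="$names sticky"; fi
    printf '%s\n' "${names# }"
}

mode_to_symbolic 5755   # the post's worked example: rwsr-xr-t
mode_to_symbolic 7755   # setuid, setgid and sticky together
mode_to_symbolic 4644   # setuid with no execute bit: rwSr--r--
special_bits 5755
```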

Final note

A classic example of the sticky bit is the permission set on the passwd binary. Although it is owned by root, setuid is set so that normal users can execute the program in order to change their password. It was invented by Dennis Ritchie around 1972.