thelinuxvault blog

Linux Shell Sticky Bit: Usage and Examples

In the Linux ecosystem, file and directory permissions are foundational to security and access control. While most users are familiar with the basic read (r), write (w), and execute (x) permissions, there exist "special permissions" that add nuance to how files and directories behave. One such special permission is the Sticky Bit—a powerful tool designed to protect files in shared directories from accidental or malicious deletion.

Whether you’re a system administrator managing multi-user servers, a developer collaborating on shared projects, or a curious user exploring Linux internals, understanding the Sticky Bit is critical for maintaining secure and functional shared environments. In this blog, we’ll demystify the Sticky Bit: its purpose, how it works, syntax, practical examples, and best practices.

2026-02

Table of Contents#

  1. Understanding Linux File Permissions
  2. What is the Sticky Bit?
  3. How the Sticky Bit Works
  4. Sticky Bit Syntax and Representation
  5. Enabling/Disabling the Sticky Bit
  6. Practical Examples
  7. Common Use Cases
  8. Sticky Bit vs. Other Special Permissions
  9. Best Practices
  10. Troubleshooting
  11. Conclusion
  12. References

1. Understanding Linux File Permissions#

Before diving into the Sticky Bit, let’s recap Linux file permissions. Every file and directory in Linux has a set of permissions governing access for three user categories:

  • User (u): The owner of the file/directory.
  • Group (g): Users belonging to the file’s group.
  • Others (o): All other users on the system.

Permissions are represented by three sets of characters (e.g., rwxr-xr--), where:

  • r (read): Allows viewing content.
  • w (write): Allows modifying or deleting the file/directory.
  • x (execute): Allows running a file or accessing a directory.

These permissions can be viewed with ls -l and modified with chmod. Beyond the basic rwx permissions, Linux supports special permissions—including the Sticky Bit, SetUID, and SetGID—which add advanced access controls.

2. What is the Sticky Bit?#

The Sticky Bit (t) is a special permission designed for directories. Its primary purpose is to prevent users from deleting or renaming files owned by other users in shared directories.

Historical Note:#

Originally, the Sticky Bit was used on executable files to "stick" them in memory (reducing load times) on older Unix systems. This functionality is obsolete in modern Linux, where the Sticky Bit has no effect on regular files. Today, it is exclusively used for directories.

3. How the Sticky Bit Works#

When the Sticky Bit is set on a directory:

  • Users with write access to the directory can still create files and subdirectories.
  • However, a user can only delete or rename files they own (or files owned by the directory’s owner/root).

This ensures that even in a directory with open write permissions (e.g., rwxrwxrwx for "others"), users cannot accidentally or maliciously delete each other’s files.

Key Note: The Sticky Bit has no effect on regular files in modern Linux. It only modifies the behavior of directories.

4. Sticky Bit Syntax and Representation#

The Sticky Bit is represented differently in symbolic and numeric notation.

Symbolic Notation#

In ls -l output, the Sticky Bit appears as a t (lowercase) or T (uppercase) in the "others" execute position (the 10th character of the permission string).

  • Lowercase t: The Sticky Bit is set, and the "others" category has execute (x) permission.
    Example: drwxrwxrwt (common for /tmp).
  • Uppercase T: The Sticky Bit is set, but the "others" category lacks execute (x) permission.
    Example: drwxrwxrwT (rare, but possible if x is not granted to others).

Numeric Notation#

Numeric permissions use a 3-digit code (e.g., 755 for rwxr-xr-x). For special permissions, a 4th leading digit is added, where:

  • 1 = Sticky Bit
  • 2 = SetGID
  • 4 = SetUID

Thus, the Sticky Bit is represented by a leading 1 in numeric notation. For example:

  • 1777 = Sticky Bit + rwxrwxrwx (results in drwxrwxrwt).
  • 1755 = Sticky Bit + rwxr-xr-x (results in drwxr-xr-t).

5. Enabling/Disabling the Sticky Bit#

The Sticky Bit is managed with chmod. Below are the most common methods:

Symbolic Method#

To add/remove the Sticky Bit using symbolic notation:

ActionCommand
Add Sticky Bitchmod +t /path/to/directory
Remove Sticky Bitchmod -t /path/to/directory

Numeric Method#

To set the Sticky Bit using numeric notation, prepend 1 to the 3-digit permission code:

Desired PermissionsNumeric CodeResulting Symbolic Notation
Sticky + rwxrwxrwx1777drwxrwxrwt
Sticky + rwxr-xr-x1755drwxr-xr-t

6. Practical Examples#

Let’s walk through real-world scenarios to understand how the Sticky Bit works.

Example 1: The /tmp Directory#

The /tmp directory is a classic example of a shared directory with the Sticky Bit enabled. It is world-writable (anyone can create files), but the Sticky Bit prevents users from deleting others’ files.

Check /tmp permissions:

ls -ld /tmp

Output:

drwxrwxrwt 10 root root 4096 Oct 1 12:00 /tmp

Here, drwxrwxrwt indicates:

  • d: Directory.
  • rwxrwxrwx: Read/write/execute for user, group, and others.
  • t: Sticky Bit set (lowercase, since "others" have x).

Example 2: Creating a Shared Project Directory#

Suppose you want to create a shared directory for a team, where all members can collaborate but cannot delete each other’s files.

Step 1: Create the directory#

sudo mkdir /opt/team-shared

Step 2: Set the group (e.g., dev-team)#

sudo chgrp dev-team /opt/team-shared

Step 3: Enable group write access and Sticky Bit#

Use chmod 1770 (Sticky Bit + rwxrwx---):

sudo chmod 1770 /opt/team-shared

Step 4: Verify permissions#

ls -ld /opt/team-shared

Output:

drwxrwx--t 2 root dev-team 4096 Oct 1 12:30 /opt/team-shared

Step 5: Test behavior#

  • User alice (in dev-team) creates a file: 
    echo "Alice's file" > /opt/team-shared/alice.txt
  • User bob (in dev-team) creates a file: 
    echo "Bob's file" > /opt/team-shared/bob.txt
  • bob tries to delete alice.txt: 
    rm /opt/team-shared/alice.txt
    Output: 
    rm: cannot remove '/opt/team-shared/alice.txt': Operation not permitted
    Why? The Sticky Bit blocks bob from deleting alice’s file.

Example 3: What If the Sticky Bit Is Not Set?#

To see the danger of omitting the Sticky Bit, repeat Example 2 without setting it:

sudo chmod 0770 /opt/team-shared  # Remove Sticky Bit (0770 = rwxrwx---)

Now, bob can delete alice.txt:

rm /opt/team-shared/alice.txt  # Succeeds!

Example 4: Uppercase T (No Execute for Others)#

If the Sticky Bit is set but "others" lack execute permission, the symbol becomes T (uppercase).

mkdir test-dir
chmod 666 test-dir  # rw-rw-rw- (no execute for anyone)
chmod +t test-dir   # Add Sticky Bit
ls -ld test-dir

Output:

drw-rw-rwT 2 user user 4096 Oct 1 13:00 test-dir

7. Common Use Cases#

The Sticky Bit is essential for shared directories where multiple users need write access but should not interfere with each other’s files. Common use cases include:

  • /tmp and /var/tmp: System-wide temporary directories.
  • Team Project Directories: Shared workspaces for developers (e.g., /opt/team-shared).
  • Public Upload Directories: Web servers (e.g., ftp/uploads or nginx/www/uploads), where users upload files but shouldn’t delete others’ uploads.
  • Multi-User Environments: Shared folders in universities, labs, or enterprise systems.

8. Sticky Bit vs. Other Special Permissions#

It’s important to distinguish the Sticky Bit from other special permissions:

PermissionUse CaseEffectSymbolNumeric Code
Sticky BitDirectoriesPrevents deletion of others’ filest1 (leading)
SetUIDExecutable filesRuns file as the file’s owner (not user)s4 (leading)
SetGIDExecutable files or directoriesRuns file as the file’s group; directories inherit groups2 (leading)

9. Best Practices#

  • Use Sparingly: Only set the Sticky Bit on directories explicitly intended for shared write access (e.g., avoid overusing it on personal directories).
  • Combine with Least Privilege: Pair the Sticky Bit with restrictive group/user permissions (e.g., 1770 instead of 1777) to limit access to trusted users.
  • Audit Regularly: Use find / -perm -1000 -type d 2>/dev/null to list all sticky directories and verify they’re still needed.
  • Avoid 1777 Unless Necessary: rwxrwxrwt (1777) allows world-write access. Prefer 1770 (group-only write) or 1755 (user-write only) when possible.

10. Troubleshooting#

Issue 1: Can’t Delete My Own File in a Sticky Directory#

  • Cause: The file may have restrictive permissions (e.g., r--r--r--), but the Sticky Bit doesn’t block deletion of your own files.
  • Fix: Ensure you own the file (ls -l filename), then use chmod u+w filename to add write permissions, or delete with sudo (if root).

Issue 2: Sticky Bit Not Blocking Deletions#

  • Cause: The Sticky Bit may not be set, or the user is root (root can delete any file).
  • Fix: Verify the Sticky Bit with ls -ld directory (look for t/T). If missing, run chmod +t directory.

Issue 3: T Instead of t in Permissions#

  • Cause: The "others" category lacks execute (x) permission.
  • Fix: Add execute permission with chmod o+x directory to change T to t.

11. Conclusion#

The Sticky Bit is a critical tool for securing shared directories in Linux. By preventing accidental or malicious deletion of others’ files, it enables safe collaboration in multi-user environments. Whether you’re managing /tmp, a team project folder, or a public upload directory, understanding and using the Sticky Bit ensures data integrity and security.

Remember: The Sticky Bit is for directories, uses t/T in permissions, and is set with chmod +t or numeric 1. Use it wisely, and always pair it with least-privilege access controls!

12. References#