Create a world-writable shared directory and apply the sticky bit so users can write freely but cannot delete files they do not own. Validate correct permissions by inspecting the directory mode and interpreting the sticky-bit indicator.
Your team needs a shared drop directory where multiple users can write files during a handoff
workflow. The directory must be world-writable to avoid permission friction, but you must
prevent users from deleting or renaming files they do not own. This is the exact problem the
sticky bit solves (for directories like /tmp).
If a shared directory is writable by many users without the sticky bit, anyone can delete anyone else’s files. The sticky bit makes the directory safe for “shared write” use cases.
/tmp/shared.
chmod using octal and symbolic modes.
ls -ld and interpreting t in drwxrwxrwt.
/tmp commonly uses mode 1777.
mkdir -p /tmp/shared
-p creates the path if needed and does not error if the directory already
exists. Using /tmp mirrors the standard sticky-bit use case.
# Directory exists:
ls -ld /tmp/shared
chmod 777 /tmp/shared
A world-writable mode lets multiple users create files. On its own, this is unsafe because write permission on a directory also allows deleting entries in it. The sticky bit is the control that makes shared-write directories viable.
# Expect rwx for user/group/other:
ls -ld /tmp/shared
chmod +t /tmp/shared
With sticky bit set on a directory, only the file owner, the directory owner, or root can delete or rename entries in that directory.
# Confirm sticky bit is present (t):
ls -ld /tmp/shared
1777.
ls -ld /tmp/shared
stat -c '%a %n' /tmp/shared
The sticky bit appears as a t in the “other execute” slot
(drwxrwxrwt). The octal mode shows the sticky bit as the leading
1 in 1777.
drwxrwxrwt 2 root root 4096 Jul 18 15:04 /tmp/shared
1777 /tmp/shared
# With sticky bit set:
# - Users can create files in /tmp/shared
# - Users cannot delete/rename files they do not own
# Without sticky bit:
# - Any user with write permission on the directory can delete others' files
The sticky bit is enforced on delete and rename operations in that directory. It does not change file read/write permissions on the files themselves.
If the mode is 0777 without the leading 1, any user can
delete other users’ files. Fix with chmod +t /tmp/shared or set the full
mode with chmod 1777 /tmp/shared.
Uppercase T means sticky is set but the “other execute” bit is not set.
For shared directories, you typically want t (execute on a directory means
users can traverse it).
If directory execute permission is missing, users cannot traverse or access entries even if they can write. For shared drop directories, ensure execute is present for the needed classes.
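The three failure cases above (no sticky bit, uppercase T, missing execute) can be checked in one pass. This is an added example, not part of the original lab: the function names check_shared_dir and find_unsafe_dirs are hypothetical, and GNU stat (stat -c) is assumed.

```shell
#!/bin/sh
# Added example: classify a directory's mode for shared-write use.
# Assumes GNU coreutils stat (stat -c '%a'); function names are hypothetical.

# Prints one classification word; exit status 0 = fine, 1 = needs fixing, 2 = error.
check_shared_dir() (
    dir=$1
    [ -d "$dir" ] || { echo "not-a-directory"; exit 2; }
    mode=$(stat -c '%a' "$dir") || exit 2
    bits=$((0$mode))                      # leading 0 parses the string as octal

    if [ $(( $bits & 0002 )) -eq 0 ]; then
        echo "not-world-writable"         # sticky bit is not required here
    elif [ $(( $bits & 01000 )) -eq 0 ]; then
        echo "unsafe-no-sticky"           # e.g. 0777: anyone can delete any entry
        exit 1
    elif [ $(( $bits & 0001 )) -eq 0 ]; then
        echo "sticky-T-no-traverse"       # shows as T: others cannot traverse
        exit 1
    else
        echo "ok-sticky"                  # e.g. 1777, shown as drwxrwxrwt
    fi
)

# List world-writable directories under a root that lack the sticky bit.
find_unsafe_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 2>/dev/null
}

# When run with a path argument, check that directory.
if [ $# -gt 0 ]; then
    check_shared_dir "$1"
fi
```

Any path printed by find_unsafe_dirs is a candidate for chmod +t.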
If this was a temporary directory for testing, remove it after verifying the permission behavior.
rm -rf /tmp/shared
/tmp/shared no longer exists, and no other directories under
/tmp were modified.
mkdir -p <dir>: Creates a directory path and does not error if the target already exists.
  -p: Creates parent directories as needed.
chmod 777 <dir>: Makes a directory world-writable.
  777: rwx for user, group, and other.
chmod +t <dir>: Sets the sticky bit on a directory.
chmod 1777 <dir>: Sets world-writable permissions plus sticky bit.
  1: Sticky bit in octal.
  777: rwx for user, group, and other.
ls -ld <dir>: Displays directory permissions and sticky-bit indicator.
  t: Sticky bit set with execute for “other” (common for shared directories).
  T: Sticky bit set but execute for “other” is not set.