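SET-GID and SET-UID give whoever runs a program the same group and user ID as the program's owner. Take ping: its owner is root, because ping needs to use a reserved port, which ordinary users cannot use. So that everyone can use ping, its set-uid bit is set, which gives any user who runs ping root's privileges inside the ping program.
UMASK is the file mode mask applied when a file is created.
The sticky bit only has an effect on directories. It is mainly used on /tmp to keep different users from interfering with each other. See below: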
If a directory is writable and has S_ISVTX (the sticky bit)
set, files within that directory can be removed or renamed
only if one or more of the following is true (see unlink(2)
and rename(2)):
o the user owns the file
o the user owns the directory
o the file is writable by the user
o the user is a privileged user
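
An added example in POSIX sh, not part of the original note: it reads the mode bits described above from `ls -ld`, shows what a given umask does to a newly created file, and classifies a directory by the sticky-bit rule just quoted. The function names and the temporary sandbox directory are made up for this illustration.

```sh
#!/bin/sh
# Added example: every file it touches lives in a constructed mktemp sandbox.

# Print the 10-character ls mode string of PATH, e.g. drwxrwxrwt.
mode_of() { ls -ld "$1" | cut -c1-10; }

# Mode string of a regular file created while the umask is MASK (0666 & ~MASK).
# The body is a subshell, so the caller's own umask is left untouched.
new_file_mode() (
    dir=$(mktemp -d) || exit 1
    umask "$1"
    : > "$dir/probe"
    mode_of "$dir/probe"
    rm -rf "$dir"
)

# Classify a directory by the rule quoted above:
#   sticky  - world-writable with S_ISVTX: only owners or root remove/rename
#   unsafe  - world-writable without S_ISVTX: any user can remove others' files
#   private - not world-writable
dir_class() {
    case $(mode_of "$1") in
        d???????w[tT]) echo sticky ;;
        d???????w?)    echo unsafe ;;
        d*)            echo private ;;
        *)             echo not-a-directory; return 1 ;;
    esac
}

# True when FILE has the set-user-ID bit (s or S in the owner-execute slot).
is_setuid() {
    case $(mode_of "$1") in
        ???[sS]*) return 0 ;;
        *)        return 1 ;;
    esac
}

demo() {
    box=$(mktemp -d) || return 1
    mkdir "$box/shared" && chmod 0777 "$box/shared"
    echo "mode 0777: $(mode_of "$box/shared") -> $(dir_class "$box/shared")"
    chmod 1777 "$box/shared"
    echo "mode 1777: $(mode_of "$box/shared") -> $(dir_class "$box/shared")"
    echo "umask 022: $(new_file_mode 022)   umask 077: $(new_file_mode 077)"
    rm -rf "$box"
}
demo
```

Running `dir_class` over shared directories and `is_setuid` over installed binaries gives a quick inventory of where these bits are set.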