The file permission bits of the file named specified by
or referenced by the file descriptor
are changed to
system call verifies that the process owner (user) either owns
the file specified by
is the super-user.
system call follows symbolic links to operate on the target of the link
rather than the link itself.
system call is similar to
but does not follow symbolic links.
A mode is created from
permission bit masks
.In sys/stat.h :
#define S_IRWXU 0000700 /* RWX mask for owner */
#define S_IRUSR 0000400 /* R for owner */
#define S_IWUSR 0000200 /* W for owner */
#define S_IXUSR 0000100 /* X for owner */
#define S_IRWXG 0000070 /* RWX mask for group */
#define S_IRGRP 0000040 /* R for group */
#define S_IWGRP 0000020 /* W for group */
#define S_IXGRP 0000010 /* X for group */
#define S_IRWXO 0000007 /* RWX mask for other */
#define S_IROTH 0000004 /* R for other */
#define S_IWOTH 0000002 /* W for other */
#define S_IXOTH 0000001 /* X for other */
#define S_ISUID 0004000 /* set user id on execution */
#define S_ISGID 0002000 /* set group id on execution */
#define S_ISTXT 0001000 /* sticky bit */
VM system totally ignores the sticky bit
On UFS-based file systems (FFS, LFS) the sticky
bit may only be set upon directories.
(the sticky bit) is set on a directory,
an unprivileged user may not delete or rename
files of other users in that directory.
The sticky bit may be
set by any user on a directory which the user owns or has appropriate
For more details of the properties of the sticky bit, see
If mode ISUID (set UID) is set on a directory,
and the MNT_SUIDDIR option was used in the mount of the file system,
then the owner of any new files and sub-directories
created within this directory are set
to be the same as the owner of that directory.
If this function is enabled, new directories will inherit
the bit from their parents.
Execute bits are removed from
the file, and it will not be given to root.
This behavior does not change the
requirements for the user to be allowed to write the file, but only the eventual
owner after it has been created.
Group inheritance is not affected.
This feature is designed for use on fileservers serving PC users via
ftp, SAMBA, or netatalk.
It provides security holes for shell users and as
such should not be used on shell machines, especially on home directories.
This option requires the SUIDDIR
option in the kernel to work.
Only UFS file systems support this option.
For more details of the suiddir mount option, see
Writing or changing the owner of a file
turns off the set-user-id and set-group-id bits
unless the user is the super-user.
This makes the system somewhat more secure
by protecting set-user-id (set-group-id) files
from remaining set-user-id (set-group-id) if they are modified,
at the expense of a degree of compatibility.