5.2.3 Changing Special Permissions

In addition to changing a file’s read, write, and execute permissions, you can change its special permissions. See Structure of File Permissions, for a summary of these permissions.

To change a file’s permission to set the user ID on execution, use ‘u’ in the users part of the symbolic mode and ‘s’ in the permissions part.

To change a file’s permission to set the group ID on execution, use ‘g’ in the users part of the symbolic mode and ‘s’ in the permissions part.

To change a file’s permission to set the restricted deletion flag or sticky bit, omit the users part of the symbolic mode (or use ‘a’) and put ‘t’ in the permissions part.

For example, to add set-user-ID permission to a program, you can use the mode:

u+s

To remove both set-user-ID and set-group-ID permission from it, you can use the mode:

ug-s

To set the restricted deletion flag or sticky bit, you can use the mode:

+t

The combination ‘o+s’ has no effect. On GNU systems the combinations ‘u+t’ and ‘g+t’ have no effect, and ‘o+t’ acts like plain ‘+t’.

The ‘=’ operator is not very useful with special permissions; for example, the mode:

o=t

does set the restricted deletion flag or sticky bit, but it also removes all read, write, and execute permissions that users not in the file’s group might have had for it.