[user2@room9pc01 ~]$ touch u1.txt #touch命令未加suid权限时创建文件
[root@room9pc01 ~]# chmod u+s /usr/bin/touch
[user2@room9pc01 ~]$ touch u2.txt #touch 命令加suid权限后创建文件
[user2@room9pc01 ~]$ ll
总用量 0
#未加 suid 时(u1.txt)文件所有者和所属组都是命令执行者的；加 suid 后(u2.txt)文件所有者变为命令文件的属主 root
-rw-rw-r--. 1 user1 user1 0 4月 2 20:41 u1.txt
-rw-rw-r--. 1 root user1 0 4月 2 20:41 u2.txt
sgid:目录设置 sgid 后,在其中新建的文件继承父目录的属组
[root@room9pc01 ~]# mkdir /tmp/demo
[root@room9pc01 ~]# chown .user1 /tmp/demo/
[root@room9pc01 ~]# ll -d /tmp/demo/
drwxr-xr-x. 2 root user1 4096 4月 2 21:00 /tmp/demo/
[root@room9pc01 ~]# cp /etc/passwd /tmp/demo/
[root@room9pc01 ~]# ll -d /tmp/demo/
drwxr-xr-x. 2 root user1 4096 4月 2 21:01 /tmp/demo/
[root@room9pc01 ~]# ll -d /tmp/demo/passwd
-rw-r--r--. 1 root root 2825 4月 2 21:01 /tmp/demo/passwd
[root@room9pc01 ~]# chmod g+s /tmp/demo
[root@room9pc01 ~]# cp /etc/host
host.conf hostname hosts hosts.allow hosts.deny
[root@room9pc01 ~]# cp /etc/hosts /tmp/demo/
[root@room9pc01 ~]# ll -d /tmp/demo/hosts
-rw-r--r--. 1 root user1 503 4月 2 21:02 /tmp/demo/hosts
sticky bit:用户只能删除或重命名自己的文件
[root@room9pc01 ~]# mkdir /tmp/share
[root@room9pc01 ~]# ll -ld /tmp/share
drwxr-xr-x. 2 root root 4096 4月 2 21:07 /tmp/share
[root@room9pc01 ~]# chmod 777 /tmp/share
[root@room9pc01 ~]# chmod o+t /tmp/share
[root@room9pc01 ~]# ll -ld /tmp/share
drwxrwxrwt. 2 root root 4096 4月 2 21:07 /tmp/share
[user2@room9pc01 share]$ echo 'how are you?' > /tmp/share/user2.txt
[user1@room9pc01 ~]$ echo 'who are you?' > /tmp/share/user1.txt
[user1@room9pc01 ~]$ rm -rf /tmp/share/user2.txt
rm: 无法删除"/tmp/share/user2.txt": 不允许的操作
set uid ,set gid ,sticky bit用法及区别
原文:http://blog.51cto.com/13587169/2093972