Today I Learned
Today I Learned
  • TIL
  • Ansible
    • Add Authorized SSH Key to User using Ansible
    • Add User to System using Ansible
    • Ansible Configure Default Inventory File
    • Ansible Disable Python Interpreter Warnings
    • Ansible Pause Playbook Execution
    • Ansible Test Connection
    • Run Ansible Playbook Locally
    • Setting a Password in Ansible Inventory File
  • Caddy
    • Caddy Write Logs to a File
    • Return Client IP Address As Plain Text
  • Cheatsheet(s)
    • Bash Cheatsheet
    • Dnf Cheatsheet
    • Grep Cheatsheet
    • Markdown Cheatsheet
    • MongoDB Cheatsheet
    • Networking Cheatsheet
    • Python Cheatsheet
    • ReactJS Cheatsheet
    • Regex Cheatsheet
  • Docker
    • Docker Build Multiple Tags At Once
    • Docker Exec (docker exec)
    • Docker Publish Port
    • Docker Run Without Cache
    • Docker Run (docker run)
    • Docker Fix UFW Security Flaw
    • Install Docker
    • Install Ping in Docker
    • Pass Build Time Arguments To Docker Build
    • Remove Container When It Exists
    • Remove Unused Data
    • Run Docker without Root
    • Setup Docker Buildx For Multi Arch builds
  • Git
    • Change Last Commit Message
    • Delete Tag
    • Get Tag Names in Git
    • Save Credentials for Remotes in Git
    • Show Commit Only From One Author
    • View Git Commit Changes
  • GitHub
    • GitHub Actions
      • Running Jobs in a Container
      • Setting An Environment Variable
  • Go
    • Convert String To Uppercase in Go
    • List All Possible GOOS And GOARCH In Go
    • Print Go Version
    • Resolve Hostname To IP Address
    • Trim Whitespaces From String
    • Update Project Libraries To Latest
  • Learning Resource(s)
    • Algorithms
    • DevOps
    • Git
    • Linux
    • Networking
    • Programming Languages
  • Linux
    • Add Swap Space To System
    • Add User To System
    • Beautify Logs
    • Benchmark System
    • Ccze Scrolling Output
    • Change Default Shell
    • Change Hostname Of A System
    • Changing User Password In Shell Script
    • Check Group Of A User
    • Check If A Package Is Installed Or Not
    • Check If A Port Is In Use
    • Check If A User Exists
    • Check Open Port
    • CMake Parallel Build with All Cores
    • Create Symbolic Links
    • Determine Which Process Is Using a File
    • Enable SSH Server
    • Fix Permission For Newly Created Partitions
    • Fix Windows And Linux Different Time Issue
    • Get Arch Of System
    • Increase Limit of Inotify Watchers
    • Install Latest NodeJS In Linux
    • Install Pavucontrol
    • Install Postman
    • Kill A Process In Linux
    • Mount Partition On System Startup
    • OpenVPN Server
    • Ping over TCP
    • Pipe Password to Sudo
    • Remove PPA From System
    • Remove User Password
    • Root Check
    • Run Go Binaries Without Installing Go
    • Set Different Time Zone
    • Show Disk Usage By Directories
    • Show Public IP
    • Show Size of Current Directory
    • System Upgrade
    • Tar Exclude Directories
    • Tar Retain File Permissions
    • Why All Users Can Write to /tmp
    • Alpine Linux
      • Adding User On Alpine
      • Changing Timezone On Alpine
      • Installing Ansible On Alpine
      • Install Dig On Alpine
      • Installing Pip On Alpine
      • Installing Python2 On Alpine
    • Apt
      • apt-fix-broken-packages
      • APT Hold Package(s) From Upgrades
    • Arch Linux
      • Install Docker Compose
      • Install Docker
      • Install Pip
    • BASH
      • Bash List Only Directories
      • BashTOP Resource Monitor
      • Case Statements
      • Concatenate Strings
      • Custom Shell Prompt
      • Length of String in Variable
      • Pass Arguments while Piping
      • Read Command Output In Reverse Order
      • "set -e" In Scripts
      • Set MacOS Like Terminal Font
      • Set Unlimited Bash History
      • shell-formatter
      • Test Regular Expression Against A String
      • Yes
    • Curl
      • Fix Failed Writing Body While Piping
      • Use Proxy Server in cURL
    • Fedora Linux
      • Install RPM Packages in Fedora
    • GPG
      • Fix "Inappropriate ioctl for device" Error
      • GPG Import Keys
      • GPG Test
      • GPG Trust Key
      • GPG Verify Signature
    • Grep
      • Grep Case Insensitive Search
      • Grep Count Matches
      • Grep Exact Match
      • Grep Invert Search
      • Grep On Continous Stream
      • Grep Quiet Mode
      • Grep Search For Multiple Strings
      • Remove Empty Lines
    • Journalctl
      • Get Errors in Running Services using Journalctl
    • Networking
      • Install Dig
      • Install MTR
      • Set Metric For A Network Using nmcli
      • WireGuard Server
    • Raspberry Pi
      • Disable Swap Memory on SD Card
    • SSH
      • Reconnect To a Disconnected SSH Session
      • Run A Local Script On Remote SSH Server
      • Screen
      • Tmux
    • Systemd
      • Create A Service
      • Create A Systemd Timer
      • List Systemd Services Of A User
      • Prevent Systemd Timers from Overlapping
      • Watch Systemd Service Status
    • Tcpdump
      • Capture ICMP Packets
      • Capture Traffic By An IP Address Or A Network
    • Ubuntu
      • Get Clipboard History
      • Install HMAC256 On Ubuntu
      • Obtaining a List of Ubuntu Repository Mirror Servers
    • Wget
      • Basic Auth
  • Miscellaneous
    • Good Reads
    • Must Read Sites
    • Useful Sites
  • Python
    • Add An Item To Dictionary
    • Check If A Key Exists In Dictionary
    • Check If a String is Empty
    • Check Image Size
    • Check Python Version Programmatically
    • Convert List To Tuple
    • Execute Python Code In Command Shell
    • Formatted Strings
    • Get IP Address From Hostname
    • Limit Floating Point To Two Decimal Places
    • Measure Latency Using TCP
    • pass-list-as-argument-to-a-function
    • Print Tabular Data
    • Python Padding Strings
    • Read A File Line By Line
    • Remove A File
    • Remove Trailing Spaces And New Lines From A String
    • Run Python Script in Background
    • Split String with Delimiter
    • Validate IP Address
    • Pipenv
      • Install Dependencies System Wide
      • Remove Virtualenv (Virtual Environment)
  • Rclone
    • Limit Upload Download Speeds in Rclone
  • ReactJS
    • ReactJS Resources
  • Vagrant
    • Increase RAM And CPU On Vagrant Machine
    • Vagrant Specify Disk Size
  • VS Code
    • Install VS Code on a Linux Server
  • WSL
    • Convert WSL1 to WSL2
    • Enable Systemd Support in WSL2 (Obsolete)
Powered by GitBook
On this page
  • What is /tmp?
  • Permissions Explained
  • Why is /tmp World-Writable?
  • Summary
  1. Linux

Why All Users Can Write to /tmp

I've been wondering for a while now, that how come all the users on a system is able to write to the /tmp directory. And turns out, that /tmp is a special directory which uses sticky bit to achieve just that.

What is /tmp?

/tmp is a special directory used for storing temporary files created by users and system processes.

Permissions Explained

By default, /tmp is owned by root but has the following permissions:

drwxrwxrwt

This breaks down as:

  • drwxrwxrwx: All users can read, write, and execute (list contents) in /tmp.

  • The t (sticky bit): Ensures only the owner of a file (or root) can delete or rename it.

Why is /tmp World-Writable?

  • Temporary Storage: Allows any user or process to create files for temporary use.

  • Security: The sticky bit prevents users from deleting or renaming files that don’t belong to them.

Summary

All users can write to /tmp because of its world-writable permissions and the sticky bit, which together provide a secure and flexible temporary workspace for everyone on the system.

Reference(s):

PreviousTar Retain File PermissionsNextAlpine Linux

Last updated 4 days ago

Reddit - Linux4Noobs
Stack Exchange