How to set special permissions on files/directories using chmod
e-smith release 4.1.x
Author:  Stefano Del Corno <sdelcorno@katamail.com>
Contributor:  

Problem:  You need to set special permissions, say the 's' bit

Solution:  Use the chmod hidden fourth digit numeric as described below:
While using "numeric" chmod you could use the "hidden" fourth digit to set the "s" bit ... so if usually you'd issue a chmod 750 to obtain full permission for the owner, read and execution for the group and no access to others, you could use a chmod 4750 (note the leading 4) to give "s" bit to the owner

You could imagine a fourth octal digit hidden before the well known three ones that you already used with the chmod command. As in the "numeric" chmod, each bit sets a particular permission. In the three well known digits the higher bit sets the read permission, the middle is used to give write permission while the rightmost (and least significant) gives access to directory and execution to the files. In the same way, the highest bit in the fourth digit gives "Set User On Execution" while the middle gives "Set Group on Execution" and the third and rightmost is OS depending. Sometimes it is used on the directories with the meaning of "Sticky bit"

Let's make some examples:

If you have a file with the default Unix permissions (rwx-rw-rw-) and you want to REMOVE writing and reading for all others you'd issue something like chmod 660 file_name obtaining unix permissions (rw-rw----).  If you want to execute the file and want your group to be able to execute it, you'd issue chmod 770 file_name obtaining (rwxrwx---) .  I'd issue a chmod 750 (rwxr-x---) to have quiet and silent nights ;-) And now wonder that you'd like to give the opportunity to your group to run your executable with YOUR userid.  You'd give a chmod 4750, resulting in (first digit = 4 -> SetUser) the following unix permissions: (rwsr-x---).

The same way you could give an executable to everybody and let them execute it with a particular userid ... (In some systems the mail-system and the printer spooler uses this trick) you'd use a chmod 2755 resulting in unix permissions (rwxr-sr-x).

Sometimes you'd see a capital s instead of the "little one"... This means that the underlying x isn't set. So if you use: chmod 2705 you'll get (rwx--Sr-x).  Please note the capital 'S' !!! The group doesn't have the x bit (the third number is a '0')

A special note on directories:

If you have a directory (such as /tmp) where everybody could enter (the x bit) and delete files (the w bit), sometimes it's useful to set the t bit (chmod 1777 /tmp). In that way you'll obtain an useful (rwxrwxrwt) permission which means that everybody could get INTO the directory (the t bit is set) and read/write HIS/HER OWN FILES, without being able to DELETE the files used by others ... Try it out !! :-)

Best regards, Stefano