Three Special Permission
in Linux - SUID, SGID & Sticky Bit.
Three special permission in linux are
SUID, SGID and Sticky Bit which is use to control the linux user in advance.
What is SUID?
The common explanation given for SUID is, it is an advance file permission SUID allows an user to execute a script as if the owner of the script is executing it.
Example for SUID
The common explanation given for SUID is, it is an advance file permission SUID allows an user to execute a script as if the owner of the script is executing it.
Example for SUID
root@linuxforfreshers:~#ls -l
/usr/bin/passwd
-rwsr-xr-x 1 root root 22984 Jan 2013 /usr/bin/passwd
-rwsr-xr-x 1 root root 22984 Jan 2013 /usr/bin/passwd
SUID bit is set on an executable. It
runs with the permission of its owner.
Command :
Command :
root@linuxforfreshers:~#chmod
u+s < file name >
or
root@linuxforfreshers:~#chmod 4755 < file name >
or
root@linuxforfreshers:~#chmod 4755 < file name >
What is SGID?
If the set gid bit on directory entry is set, file in that directory will have the group ownership as the directory, instead of than the group of the user that created the file.
Command :
If the set gid bit on directory entry is set, file in that directory will have the group ownership as the directory, instead of than the group of the user that created the file.
Command :
root@linuxforfreshers:~#chmod
g+s < file name >
or
root@linuxforfreshers:~#chmod 2755 <file name >
or
root@linuxforfreshers:~#chmod 2755 <file name >
What is Sticky Bit?
Sticky
Bit is mainly used
on folders in order to avoid deletion of a folder and its content by other
users though they having write permissions on the folder contents. If Sticky
bit is enabled on a folder, the folder contents are deleted by only owner who
created them and the root user. No one else can delete other users data in this
folder(Where sticky bit is set). This is a security measure to avoid deletion
of critical folders and their content(sub-folders and files), though other
users have full permissions.
How
can I setup Sticky Bit for a Folder?
Sticky Bit can be
set in two ways
1.
Symbolic
way (t,represents sticky bit)
2.
Numerical/octal
way (1, Sticky Bit bit as value 1)
Symbolic
way:
chmod
o+t /opt/dump/
or
chmod +t /opt/dump/
or
chmod +t /opt/dump/
Numerical
way:
chmod
1757 /opt/dump/
Here in 1757, 1
indicates Sticky Bit set, 7 for full permissions for owner, 5 for read and
execute permissions for group, and full permissions for others.
root@linuxforfreshers:~#chmod
o+t < Dir Name >
or
root@linuxforfreshers:~#chmod 1777 < Dir Name >
or
root@linuxforfreshers:~#chmod 1777 < Dir Name >
No comments:
Post a Comment