SUID (Set owner User ID up on execution)
- SUID is a special permission assigned to a file.
- It allows a user to run a program with the permissions of the file owner.
- e.g.
  - -rwsr-xr-x 1 root root 30768 Nov 24 2015 /usr/bin/passwd
  - -rwsr-xr-x 1 root root 38520 Mar 22 2017 /bin/ping
- Set up SUID, two ways:
  - chmod u+s file.txt
  - chmod 4750 file.txt
- S vs s
  - S (capital) means the SUID bit is set but the owner has no executable permission; to get s, run
  - chmod u+x file.txt
SGID
- Executes a file with the group ownership of that file.
- Set up SGID, two ways:
  - chmod g+s xxx
  - chmod 2775 xxx
Sticky Bit
- Set on a file or directory.
- Allows only root or the owner to delete or rename the file.
- e.g.
  - drwxrwxrwt 10 root root 4096 Feb 7 05:30 /tmp
- Set up, two ways:
  - chmod +t xxx
  - chmod 1777 xxx
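
An audit of the three bits described above, as an added example that is not part of the original notes: it lists SUID files (separating the s and S cases), SGID files, and world-writable directories that lack the sticky bit. The function names audit_special_bits and make_demo_tree are hypothetical, and the demo tree is constructed in a temporary directory.

```shell
#!/bin/sh
# Added example: find files and directories carrying (or missing) the
# special permission bits. Uses only POSIX find options.

audit_special_bits() {
    root=$1
    # "s": SUID set and owner-executable, runs as the file owner.
    find "$root" -xdev -type f -perm -4100 \
        -exec printf 'SUID %s\n' {} \;
    # "S": SUID set but no owner execute bit, so the bit has no effect
    # until someone runs chmod u+x on the file.
    find "$root" -xdev -type f -perm -4000 ! -perm -0100 \
        -exec printf 'SUID-noexec %s\n' {} \;
    # SGID files run with the group ownership of the file.
    find "$root" -xdev -type f -perm -2000 \
        -exec printf 'SGID %s\n' {} \;
    # World-writable directory without the sticky bit: any user can
    # delete or rename other users' files in it (compare /tmp, 1777).
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 \
        -exec printf 'NOSTICKY %s\n' {} \;
}

# Constructed sample tree covering each case; prints its path.
make_demo_tree() {
    d=$(mktemp -d) || return 1
    touch "$d/suid_ok" "$d/suid_noexec" "$d/sgid" "$d/plain"
    chmod 4755 "$d/suid_ok"      # -rwsr-xr-x
    chmod 4644 "$d/suid_noexec"  # -rwSr--r--
    chmod 2755 "$d/sgid"         # -rwxr-sr-x
    chmod 0644 "$d/plain"
    mkdir "$d/shared" "$d/open"
    chmod 1777 "$d/shared"       # drwxrwxrwt, like /tmp
    chmod 0777 "$d/open"         # drwxrwxrwx, sticky bit missing
    printf '%s\n' "$d"
}

# Demo run on the constructed tree, then clean up.
demo=$(make_demo_tree) && audit_special_bits "$demo"
rm -rf "$demo"
```

To audit a real system, call audit_special_bits on a path such as / or /usr and compare the SUID and SGID lists against what the installed packages are expected to ship.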