Categories
Learn and make

Linux special permission bits

Image: https://pamirwebhost.com/check-linux-file-permissions-with-ls/

SetUID

We can enable files to be run by the permission of the owner of the file. Like when we change password (command passwd). When you run the password command, its being run as root.

$ ls -l /usr/bin/passwd
-rwsr-xr-x 1 root root 68208 May 28 09:37 /usr/bin/passwd

The s stands for SetUID. When the s is substituted where irregular bit would be, it allows us to run the file with the permissions of the owner of the file.

To enable the SetUID bit:

$ sudo chmod u+s file.txt
or
$ sudo chmod 4755 file.txt
$ ls -l test.txt
-rwSrw-r-- 1 taunoerik taunoerik 2952 Sep  1 17:36 test.txt

Passwords are stored on /etc/shadow file.

$ ls -l /etc/shadow
-rw-r----- 1 root shadow 1377 Jul 29 09:15 /etc/shadow

SetGID

You can run a file using group permissions with setgid or set group ID. This allows you to run a file as a member of the file group.

To enable SetGID bit:

$ sudo chmod g+s file.txt
or
$ sudo chmod 2755 file.txt

Sticky Bit

This bit sticks a file or folder down. It makes it so anyone can write to a file or folder, but they can’t actually delete anything. Only the owner of root can delete anything.

Temporary files are stored /tmp. There’s a special permission but at the end here t, this means everyone can add and modify files in the slash tmp directory, but only root or the owner can delete the slash tmp directory.

To enable Sticky Bit:

$ sudo chmod +t test/
or
$ sudo chmod 1755 test/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.