setuid (SUID)—This is used to grant root level access or permissions to users when an executable is given setuid permissions, normal users can execute the file with root level or owner privileges. Setuid is commonly used to assign temporarily privileges to a user to accomplish a certain task.
For example, changing a user’s password would require higher privileges, and in this case, setuid can be used.
setgid (SGID)—This is similar to setuid, the only difference being that it’s used in the context of a group, whereas setuid is used in the context of a user.
root@net:~#chmod u+s new
root@net:~#ls -al
root@net:~#ls -al
-rwSr--r-- 1 ali ali 13 Mar 18 07:54 new
Capital S shows Suid for this file.
root@net:~#chmod g+s guid-demo
root@net:~#ls -al
-rw-r-Sr-- 1 ali ali 0 Mar 18 09:13 guid-demo
Capital S shows Guid for guid-demo file and capital S is in group section
Stickybit Permission
This is another type of permission; it is mostly used on directories to prevent anyone other than the “root” or the “owner” from deleting the contents.
root@net:~#chmod +t new
root@net:~#ls -al
-rw-r--r-T 1 ali ali 13 Mar 18 07:54 new
Capital T shows that stickybit has been set for other user (only owner or root user can delete files)
root@net:~#lsattr
---------------- ./new
root@net:~#chattr +i new
root@net:~#lsattr ----i----------- ./new
Comments
Post a Comment