LINUX ADVANCED PERMISSIONS

There are three Advanced Permissions:
1) Set User ID (SUID)
2) Set Group ID (SGID)
3) Sticky bit


1) Set User ID (SUID) :-

Use this permission only for very specific purposes. By default, every user runs an executable file with their own permissions, but sometimes a task needs special permission to run. With SUID set, the program runs with the permissions of the file's owner instead of those of the user who started it.

#ls -l /etc/shadow

Normal users can also change their password, which modifies the /etc/shadow file, without having any access to the password file themselves, because SUID is set on the /usr/bin/passwd command.

Apply SUID to file


#chmod u+s filename
      

2) Set Group ID (SGID) :-

SGID has two effects

1) If SGID is applied to a file, a user can run the file as the group owner of the file.

2) If SGID is applied to a directory, all files created in that directory afterwards are automatically owned by the group owner of that directory.


Let’s see this in the following lab :-


Remove SGID


#chmod g-s <file or directory>
#chmod g-s demo234
      

3) Sticky bit :-

The sticky bit is used to protect files against accidental deletion in a multi-user environment. If we apply this advanced permission to a directory, then only the owner of a file can delete it from that directory, as in /tmp.

t - indicates sticky bit + execute permissions

T - indicates only sticky bit is applied

Example:
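The mode characters described above, as an added shell example that is not part of the original page: it reads the special bits out of an `ls -l` mode string and applies them to throwaway files in a `mktemp` directory. It goes slightly beyond the text by applying the same lowercase/uppercase rule to `s`/`S` (SUID and SGID); the function names and the names `prog`, `shared` and `drop` are made up for the demo.

```shell
#!/bin/sh
# Added example (not from the original page): read the special-permission
# characters out of an `ls -l` mode string, then try them in a scratch directory.
# All file and directory names below are constructed for the demo.

# mode_of PATH -> 10-character symbolic mode, e.g. -rwsr-xr-x
mode_of() { ls -ld -- "$1" | cut -c1-10; }

# special_bits MODE -> which special bits the mode string shows.
# Lowercase s/t: special bit plus execute. Uppercase S/T: special bit only.
special_bits() {
    mode=$1
    out=""
    u=$(printf '%s' "$mode" | cut -c4)     # owner execute slot
    g=$(printf '%s' "$mode" | cut -c7)     # group execute slot
    o=$(printf '%s' "$mode" | cut -c10)    # others execute slot
    case $u in s) out="$out suid+x" ;; S) out="$out suid-only" ;; esac
    case $g in s) out="$out sgid+x" ;; S) out="$out sgid-only" ;; esac
    case $o in t) out="$out sticky+x" ;; T) out="$out sticky-only" ;; esac
    echo "${out# }"
}

# show PATH OCTAL: apply the mode, then print what ls reports and what it means
show() {
    chmod "$2" "$1"
    m=$(mode_of "$1")
    echo "$2  $m  $(special_bits "$m")"
}

demo() {
    d=$(mktemp -d) || return 1
    touch "$d/prog"
    mkdir "$d/shared" "$d/drop"
    show "$d/prog"   4755    # SUID with owner execute     -> s
    show "$d/prog"   4644    # SUID without owner execute  -> S
    show "$d/shared" 2775    # SGID on a directory         -> s in group slot
    show "$d/drop"   1777    # sticky, like /tmp           -> t
    show "$d/drop"   1776    # sticky, no execute (others) -> T
    rm -rf "$d"
}

demo
```

An uppercase `S` or `T` in a listing usually means the special bit was set on something that is not executable or searchable for that class, which is worth a second look during a permissions review.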