xxxxxxxxxxxxxxxxxxxxxx File Permission xxxxxxxxxxxxxxxxxx
Set user ID, set group ID, sticky bit
- SUID or setuid:[4] Change user ID on execution. If setuid bit is set, when the file being executed by any user, the process will have the same rights as the owner of the file being executed.
- SGID or setgid:[2] Change group ID on execution. Same as above, but inherits rights of the group of the owner of the file on execution. For directories it also may mean that when a new file is created in the directory it will inherit the group of the directory (and not of the user who created the file).
- Sticky bit:[1] It was used to trigger process to "stick" in memory after it is finished, now this usage is obsolete. Currently its use is system dependent and it is mostly used to suppress deletion of the files that belong to other users in the folder where you have "write" access to.
-->> If the sticky bit is set for a directory, only the owner of that directory or the owner of a file can delete or rename a file within that directory.
EG: Login as root
# mkdir /usr/Shirish
# touch /usr/Shirish/shukla
# chmod -R 1777 /usr/Shirish/shukla
Login as normal user : sks
# ls -l /usr/Shirish/shukla
-rwxrwxrwt 1 root root 16 Feb 11 00:31 /usr/Shirish/shukla
# rm -fr /usr/Shirish/shukla
rm: cannot remove `/usr/Shirish/shukla': Operation not permitted
SUID bit is set for files ( mainly for binary files only, note It'll not work on perl or shell scripts).
The SUID permission makes a binary to run as the user who is the owner of the binary, rather than the user who started it.
SGID, it will run with the privileges of the files group owner, instead of the privileges of the person running the program.
-----------------------------------------------------------------------------------
0755 -> setuid, setgid, sticky bits are cleared 000
1755 -> sticky bit is set 001
2755 -> setgid bit is set 010
3755 -> setgid and sticky bits are set 011
4755 -> setuid bit is set 100
5755 -> setuid and sticky bits are set 101
6755 -> setuid and setgid bits are set 110
7755 -> setuid, setgid, sticky bits are set 111
-----------------------------------------------------------------------------------
Shirish Shukla
Any comments are welcome .
Set user ID, set group ID, sticky bit
- SUID or setuid:[4] Change user ID on execution. If setuid bit is set, when the file being executed by any user, the process will have the same rights as the owner of the file being executed.
- SGID or setgid:[2] Change group ID on execution. Same as above, but inherits rights of the group of the owner of the file on execution. For directories it also may mean that when a new file is created in the directory it will inherit the group of the directory (and not of the user who created the file).
- Sticky bit:[1] It was used to trigger process to "stick" in memory after it is finished, now this usage is obsolete. Currently its use is system dependent and it is mostly used to suppress deletion of the files that belong to other users in the folder where you have "write" access to.
-->> If the sticky bit is set for a directory, only the owner of that directory or the owner of a file can delete or rename a file within that directory.
EG: Login as root
# mkdir /usr/Shirish
# touch /usr/Shirish/shukla
# chmod -R 1777 /usr/Shirish/shukla
Login as normal user : sks
# ls -l /usr/Shirish/shukla
-rwxrwxrwt 1 root root 16 Feb 11 00:31 /usr/Shirish/shukla
# rm -fr /usr/Shirish/shukla
rm: cannot remove `/usr/Shirish/shukla': Operation not permitted
SUID bit is set for files ( mainly for binary files only, note It'll not work on perl or shell scripts).
The SUID permission makes a binary to run as the user who is the owner of the binary, rather than the user who started it.
SGID, it will run with the privileges of the files group owner, instead of the privileges of the person running the program.
-----------------------------------------------------------------------------------
0755 -> setuid, setgid, sticky bits are cleared 000
1755 -> sticky bit is set 001
2755 -> setgid bit is set 010
3755 -> setgid and sticky bits are set 011
4755 -> setuid bit is set 100
5755 -> setuid and sticky bits are set 101
6755 -> setuid and setgid bits are set 110
7755 -> setuid, setgid, sticky bits are set 111
-----------------------------------------------------------------------------------
Shirish Shukla
Any comments are welcome .
No comments:
Post a Comment
Write Here .. your comments are always wellcome ..but no spam please !!