Special File Permissions in Linux
All you need to know about SetUID, SetGID and Sticky Bit
Introduction:
File permissions are a crucial part of the Linux file system. They decide whether a specific user can create, edit, delete, or execute a file. To follow this article, you should already understand basic Linux file permissions and the types of ownership (user, group, other). If you want a quick recap or a brief introduction to the basic file permissions, please have a look at this article.
Topics covered below:
- SGID
- sticky bit
- takeaways
- limitations
SUID:
SetUID (SUID) is a permission flag that lets a user who runs a program inherit the file owner's privileges while that program executes. It can also be seen as a way to temporarily escalate a user's privileges to perform specific tasks that only privileged users can do.
The first example that comes to my mind for this scenario is the default permissions of the binary used for changing a user's password. This binary needs to access and update the files /etc/passwd and /etc/shadow, which can only be modified by root.
$ ls -la /usr/bin/passwd…
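As an added example (not from the original article), the shell functions below list every setuid file under a directory, the way /usr/bin/passwd would show up under /usr/bin, and report the ones missing from an allowlist. The function names, the allowlist file and the sample tree are assumptions made up for illustration, and GNU `stat` with its `-c` option is assumed.

```sh
#!/bin/sh
# Added example, not the article's code. Assumes Linux with GNU coreutils `stat -c`.

# suid_report DIR
# Prints "<octal mode> <ls-style mode> <owner> <path>" for each regular file
# under DIR that has the setuid bit (octal 4000) set.
suid_report() {
    find "$1" -xdev -type f -perm -4000 \
        -exec stat -c '%a %A %U %n' {} + 2>/dev/null | sort -k4
}

# unexpected_suid DIR ALLOWLIST
# Prints setuid files under DIR whose full path is not listed in ALLOWLIST
# (hypothetical baseline file, one path per line).
unexpected_suid() {
    find "$1" -xdev -type f -perm -4000 2>/dev/null | sort |
        grep -Fxv -f "$2" || true   # no output (and no error) when all are allowed
}

# demo: run both checks on a constructed sample tree in a temporary directory.
demo() {
    d=$(mktemp -d) || return 1
    : > "$d/a_suid_exec";   chmod 4755 "$d/a_suid_exec"    # listed as -rwsr-xr-x
    : > "$d/b_suid_noexec"; chmod 4644 "$d/b_suid_noexec"  # listed as -rwSr--r-- (owner has no x)
    : > "$d/c_plain";       chmod 0755 "$d/c_plain"        # no setuid bit, not reported
    printf '%s\n' "$d/a_suid_exec" > "$d/allow.txt"        # constructed baseline
    echo "setuid files:";     suid_report "$d"
    echo "not in allowlist:"; unexpected_suid "$d" "$d/allow.txt"
    rm -rf "$d"
}

demo
```

A lowercase `s` in the owner's execute position means setuid and execute are both set; an uppercase `S` means setuid is set but the owner has no execute permission.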