time:18.03.26
The following 2 typical files and directories are analyzed:
ll /usr/bin/passwd -rwsr-xr-x. 1 root root 27832 Jan 29 2014 /usr/bin/passwdll -d /tmpdrwxrwxrwt. 23 root root 4096 Mar 25 23:53 /tmp
SUID
When it s appears on the permissions of the owner of the file x , such as the permissions of the file we see above, this is referred to as the /usr/bin/passwd -rwsr-xr-x SET UID abbreviation SUID .
SUID permissions are valid only for binary executables
Performer has x permissions on the file
This permission is valid only during the execution of the file
The performer will have the permissions of the owner of the file
Example:
Ordinary users use passwd the command to modify their own password, in effect, the final change is the /etc/passwd file. The file permissions are as follows:
ll /etc/passwd-rw-r--r--. 1 root root 2394 Mar 25 23:17 /etc/passwd
You can see that only the root user has write permissions, because the /usr/bin/passwd suid permission bits are set, and the normal user temporarily has root permission to modify their own password indirectly when executing this command /etc/passwd .
Setup method
chmod u+s <文件或目录>
SGID
scalled abbreviation when it appears on the permissions of all groups of a directory or file x SET GIDSGID
Setup method
chmod g+s <文件或目录>
Sbit
When it t appears on the permissions of other users of the directory x , referred to as Sticky Bit short name SBIT [valid for directory only, invalid for file]
function:
When a user creates a file or directory under that directory, only their own and the root right to delete.
The most representative is the /tmp directory, anyone can /tmp add, modify the file (because the permissions are all rwx ), but only the file/directory creator with the root ability to delete their own directories or files
Setup method
chmod o+t <目录>
If the special permission is not set successfully, it is displayed as uppercase{S, S, T}
Special permissions for files and directories in Linux