When talking about Operation permissions in Linux, three permissions (R, W, and X) are assigned to the corresponding three roles (owner, group member, and others, is 3*3 = 9. The records are recorded with 9 flag positions respectively. When LS-L is used to observe the file attributes, these 9 flag bits are displayed. For easy expression, assume that we calculate from the first place on the right. The permissions are recorded as 1, 2, and 3, respectively, to store the permissions of others; 4, 5, and 6 to store the permissions of this group; 7, 8, and 9 to store the owner permissions. Of course, there is also a 10th-bit representation of the file type. If the value of 1-9 is 1, the permission is granted. If the value is 0, the permission is not granted.
This is a common situation and is not included in some special cases. This special case is only for X-bit. Which is 7th, 4, and 1 digits. From the perspective of the three tickets, there can still be eight combinations, such. Obviously there is no way to express it in the original position. Therefore, when authorizing, write another number not greater than 7, and then "overlay" with the original value (overlay is just an image statement, ). For example, the command chmod 4644 AAA, the first digit 4, is written as a binary value of 100, that is, the 100 and the original 7th, 4, and 1 are "superimposed ".
What is the effect of "superposition? If it was originally 0, that is, there is no execution permission, then even if it is superimposed on a 1, it still does not play any role. 644 represents three binary numbers: 110100100, 7th, 4, and 1 are all 0, so it is useless to fold 7th bits onto 1. But the display will change-like the preceding authorization command, chmod 4666 AAA, after the execution, the AAA attribute will be displayed, and the 7th-bit will be displayed as the uppercase S. This has no impact. If it is chmod 2666 AAA, then the 4th bits are displayed as uppercase s (the binary 010 of 2, the 0 of the middle 1 and 4th bits are superimposed). If it is chmod 1666 AAA, then the first digit is the uppercase T (the binary 001 of 1, and the last 1 and 1st bits are superimposed ).
If the value is 1 in the original format, that is, the execution permission is granted, the result will be displayed. After adding 7th bits, the lower-case s will be displayed, and the lower-case s will be displayed in 4th bits; the 1st-Bit String is lowercase T. The corresponding commands chmod 4766 AAA, chmod 2655 AAA, and chmod 1665 AAA can achieve this effect.
After talking about binary digital games for a long time, it seems that we have been playing binary digital games. What is the purpose. If the 7th-bit value is set to S, it indicates SUID (set UID). Its function is that when this program is executed, the performer will be treated as the file owner (set to UID) view. If the 4th-bit value is set to s, when the program is executed, the performer will be treated as a member of the file group (set to GID. If the 1st-bit value is set to T, it does not have any effect on the file. For a directory, the file or directory created under it can be deleted only by itself and root.
In addition, SUID and SGID only work for Binary programs, but not for shell scripts. When SUID and SGID are set, the execution risk is increased. Therefore, you must be careful when performing this operation.
About SUID, SGID, sbit
