Analysis of special file permissions in Linux

Source: Internet
Author: User

In Linux, besides the common read (r), write (w), and execute (x) permissions, there are three special permissions: setuid, setgid, and the sticky bit.

1. setuid and setgid

View the permissions of your /usr/bin/passwd and /etc/passwd files:

    [root@MyLinux ~]# ls -l /usr/bin/passwd /etc/passwd
    -rw-r--r-- 1 root root 1549 08-19 13:54 /etc/passwd
    -rwsr-xr-x 1 root root 22984 /usr/bin/passwd

As is well known, /etc/passwd stores the account and password information of each user, and /usr/bin/passwd is the program that modifies and views this file. Judging by the permissions, however, only root has write (w) permission on /etc/passwd, yet in fact every user can use the /usr/bin/passwd command to modify the file.

This is where the special Linux permission setuid comes in. The s in -rwsr-xr-x is the setuid bit: it gives normal users the special permission to do what "only root is permitted to do". setgid means the same thing for the group. A normal user has no permission to modify the /etc/passwd file, but because /usr/bin/passwd has the setuid permission, a normal user who runs the passwd command temporarily holds root permissions and can modify /etc/passwd.
2. Sticky bit

Check the permissions of your /tmp directory:

    [root@MyLinux ~]# ls -dl /tmp
    drwxrwxrwt 6 root root 4096 08-22 /tmp

The /tmp directory is a temporary folder shared by all users, and all users have read and write permissions on it. This inevitably leads to a problem: user A creates the file a.file in /tmp, and user B, being upset, deletes it (because he has read and write permissions on /tmp). That is definitely not acceptable.

This does not actually happen, because of the sticky bit, shown as the final t in drwxrwxrwt. With the sticky bit set, only the directory owner and root have permission to delete; other users cannot delete or modify. That is to say, in the /tmp directory only the owner of a file and root can modify and delete that file. Other users cannot, which avoids the problem described above. The purpose is to open all permissions on a folder and then share it, as with the /tmp directory.
3. Setting the special permissions

    setuid:     chmod u+s xxx
    setgid:     chmod g+s xxx
    sticky bit: chmod o+t xxx

Alternatively, use octal mode and add one digit in front of the original number. The three permissions map to digits in the same way as the ordinary permissions, for example:

    suid  sgid  sticky bit
      1     1       1

So the binary string for suid is 100, which converts to 4; for sgid it is 010, which converts to 2; and for the sticky bit it is 001, which converts to 1. You can therefore also set:

    setuid:     chmod 4755 xxx
    setgid:     chmod 2755 xxx
    sticky bit: chmod 1755 xxx

Finally, after special permissions are set on some files, the letter shown is not a lowercase s or t but an uppercase S or T. This indicates that the special permission on the file is not effective, because you have not given the corresponding user the x permission.
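
An added example (not from the original article): a small shell audit that finds entries carrying setuid, setgid or sticky bits and separates the effective lowercase s/t from the ineffective uppercase S/T described above. The function names classify_mode and audit_tree and the temporary sample files are constructed for this illustration.

```shell
#!/bin/sh
# Added example: classify the special-permission letters of an ls-style
# mode string. Lowercase s/t: bit set and the matching x present.
# Uppercase S/T: bit set but the matching x is missing.
classify_mode() {
    m=$1
    out=""
    # Column 4 = owner x slot, 7 = group x slot, 10 = other x slot.
    for spec in "4:setuid" "7:setgid" "10:sticky"; do
        pos=${spec%%:*}
        name=${spec#*:}
        ch=$(printf '%s' "$m" | cut -c"$pos")
        case $ch in
            s|t) out="$out $name=effective" ;;
            S|T) out="$out $name=no-x" ;;
        esac
    done
    out=${out# }                      # trim the leading space
    printf '%s\n' "${out:-none}"      # "none" when no special bit is set
}

# List every entry under a directory that has any special bit set,
# as: mode <TAB> classification <TAB> path.
# Assumes paths without embedded newlines.
audit_tree() {
    find "$1" \( -perm -4000 -o -perm -2000 -o -perm -1000 \) -print |
    while IFS= read -r f; do
        mode=$(ls -ld "$f" | cut -c1-10)
        printf '%s\t%s\t%s\n' "$mode" "$(classify_mode "$mode")" "$f"
    done
}

# Constructed sample files, created in a throwaway directory.
demo_dir=$(mktemp -d)
touch "$demo_dir/prog" "$demo_dir/data"
mkdir "$demo_dir/shared"
chmod 4755 "$demo_dir/prog"      # -rwsr-xr-x : setuid with owner x
chmod 4644 "$demo_dir/data"      # -rwSr--r-- : setuid without owner x
chmod 1777 "$demo_dir/shared"    # drwxrwxrwt : sticky, like /tmp
audit_tree "$demo_dir"
rm -rf "$demo_dir"
```

Running audit_tree over a directory such as /usr/bin gives a baseline list of setuid and setgid programs that can be compared between audits.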
