Linux files and directories special permission bits introduction and Practice (Setuid setgid)

Source: Internet
Author: User


Introduction and practice of special permission bits for Linux files and directories


In Linux, both Superuser root and normal user can use the command "passwd" command to modify their password, but everyone who knows Linux know that the Linux password is stored in the /etc/passwd/etc/shadow


Check permissions with ls-l/etc/passwd/etc/shadow

[Email protected] ~]# ls-l/etc/passwd/etc/shadow-rw-r--r--. 1 root root 1497 March 21:15/etc/passwd----------. 1 root root 984 March 21:15/etc/shadow

The ordinary user does not have write permission how can I change the password?

The point is, passwd this command, check the permissions of the passwd command.

[email protected] ~]# which passwd/usr/bin/passwd[[email protected] ~]# ls-l/usr/bin/passwd-rwsr-xr-x. 1 root root 25980 February 2012/usr/bin/passwd

There's an s in it that shows that this command has setuid permissions.

If we root executes

[Email protected] ~]# chmod 644/usr/bin/passwd

Then switch to the su-admin user to change the password

[[email protected] ~]$ Passwd-bash:/usr/bin/passwd: Insufficient permissions

and give setuid authority back to the master 4 .

[Email protected] ~]# chmod 4755/usr/bin/passwd

[[email protected] ~]$ passwd change the user admin password. Change the STRESS password for admin. (current) UNIX password:

Now you can change your password.

Add permissions to a group account 2

[Email protected] ~]# ls-l/usr/bin/passwd-rwsr-xr-x. 1 root root 25980 February 2012/usr/bin/passwd[[email protected] ~]# chmod 2755/usr/bin/passwd [[email protected] ~]# LS- L/usr/bin/passwd-rwxr-sr-x. 1 root root 25980 February 2012/usr/bin/passwd

Remove the authority is 0

[Email protected] ~]# chmod 0755/usr/bin/passwd[[email protected] ~]# ls-l/usr/bin/passwd-rwxr-xr-x. 1 root root 25980 February 2012/usr/bin/passwd


This article from "Stick is not Sugar" blog, reprint please contact the author!

Linux files and directories special permission bits introduction and Practice (Setuid setgid)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.