Linux Second week study notes (13)

Source: Internet
Author: User
Tags parent directory

Linux second-week study notes (+)


2.19 Special Permissions Set_gid

Special Permissions Set_gid: This permission can be used on binary executables as well as in directories. The special permission set_gid permission bit is the function on the group permission bit, after the directory is set set_gid permission, Any user who creates a file in this directory has the same group as the group to which the directory belongs

-----------------------------------------------------------------------------------------------

[Email protected] ~]# chmod g+s/usr/bin/ls

[Email protected] ~]# ls-l/usr/bin/ls

-rwxr-sr-x. 1 root root 117656 Month 6 /usr/bin/ls

add set_gid after permission in the group's permission bit more than a small "s" -rwxr- s r-x. /usr/bin/ls set_gid set_uid set_uid set_gid

----------------------------------------------------------------------------------------------

Set_gid permissions function on the file ( /usr/bin/ls ):

Join Set_gid permission to see if a normal user can view /root/ permissions for the directory:

Root the user gives /usr/bin/ls File Additions Set_gid Permissions :

[Email protected] ~]# chmod g+s/usr/bin/ls

[Email protected] ~]# ls-l/usr/bin/ls

-rwxr-sr-x. 1 root root 117656 Month 6 /usr/bin/ls

Whether you can view it under a normal user /root/ Directory:

[Email protected] ~]$ ls-l/root/

Total Dosage A

-rwx------1 root root 0 1 Month 123.txt 20:53

-rw-------. 1 root root 1418 1 Month 08:19 anaconda-ks.cfg

-rw-r--r--1 root root 4358 1 Month 23:24 anaconda-ks.cfg.1

[Email protected] ~]$ ls-ld/root/

Dr-xr-x---. 3 root root 203 1 months 20:53/root/

Join Set_gid permissions can be viewed later /root/ directory, because /root/ This directory is for Root Group also has R-x permissions are read and open, so set the Set_gid permissions are then able to view /root/ directory.

-----------------------------------------------------------------------------------------------

Set_gid permissions function on the directory:

[Email protected] tmp]# ls-l

Total Dosage A

drwxr-xr-x 3 root root 2 Month 1 23:29 001

drwxr-xr-x 2 root root 6 2 Month 3 15:25 002

-rw-r--r--1 root root 2 Month 1 23:37 123456.txt

-rw-r--r--1 root root 0 2 Month 1 22:09 123.txt

-rw-r--r--1 root root 2 Month 1 23:03 12.txt put Set_gid Permission Additions Set_gid permissions to 002 Directory:

[Email protected] tmp]# chmod g+s 002

[Email protected] tmp]# ls-l

Total Dosage A

drwxr-xr-x 3 root root 2 Month 1 23:29 001

drwxr-sr-x 2 root root 6 2 month 3 15:25 002

-rw-r--r--1 root root 2 Month 1 23:37 123456.txt

-rw-r--r--1 root root 0 2 Month 1 22:09 123.txt

-rw-r--r--1 root root 2 Month 1 23:03 12.txt

Change 002 the owning group of the directory :

[Email protected] tmp]# ls-l

Total Dosage A

drwxr-xr-x 3 root root 2 Month 1 23:29 001

Drwxr-sr-x 2 root user 6 2 month 3 15:25 002

-rw-r--r--1 root root 2 Month 1 23:37 123456.txt

-rw-r--r--1 root root 0 2 Month 1 22:09 123.txt

-rw-r--r--1 root root 2 Month 1 23:03 12.txt

in the 002 create a file under directory :

[email protected] tmp]# Touch 002/daizhihong

[Email protected] tmp]# ls-l 002/

Total Dosage 0

-rw-r--r--1 root user 0 2 month 3 15:40 daizhihong

Create /daizhihong/ after the file belongs to the group is also User User Group,

Create a subdirectory to see if the user group is User user groups:

[Email protected] tmp]# mkdir 002/yngndzh

[Email protected] tmp]# ls-l 002/

Total Dosage 0

-rw-r--r--1 root user 0 2 Month 3 15:40 Daizhihong

drwxr-sr-x 2 Root user 6 2 Month 3 15:44 yngndzh

you can see the subdirectories created /yngndzh/ user groups are also User user groups, and drwxr-sr-x the group permission bit is also automatically added Set_gid permissions.

Remove Set_gid permissions again to see if the user group is still User user groups:

[[Email protected]hong01 tmp]# chmod g-s 002

[Email protected] tmp]# ls-l

Total Dosage A

drwxr-xr-x 3 root root 2 Month 1 23:29 001

drwxr-xr-x 3 root user 2 Month 3 15:44 002

-rw-r--r--1 root root 2 Month 1 23:37 123456.txt

-rw-r--r--1 root root 0 2 Month 1 22:09 123.txt

-rw-r--r--1 root root 2 Month 1 23:03 12.txt

[email protected] tmp]# Touch 002/daizhihong123

[Email protected] tmp]# ls-l 002

Total Dosage 0

-rw-r--r--1 root user 0 2 Month 3 15:40 Daizhihong

-rw-r--r--1 root root 0 2 month 3 15:51 daizhihong123

drwxr-sr-x 2 Root user 6 2 Month 3 15:44 Yngndzh

[Email protected] tmp]# ls-l 002

Total Dosage 0

-rw-r--r--1 root user 0 2 Month 3 15:40 Daizhihong

-rw-r--r--1 root root 0 2 Month 3 15:51 daizhihong123

drwxr-sr-x 2 Root user 6 2 Month 3 15:44 Yngndzh

Drwxr-xr-x 2 root root 6 2 month 3 15:54 yngndzh123

The new file is now /daizhihong123/ the permissions of the user group become Root , create /yngndzh23/ the permissions for the directory user group also become Root .

This shows a directory setting Set_gid permission, the group that created the sub-file or subdirectory under this directory will be consistent with the parent directory.

Set_gid permissions: Not only can work on the file can also function in the directory, when Set_gid when permissions function on a file and Set_uid permissions are very similar, Set_gid permissions allow an ordinary user to temporarily have the identity of the owning group.

Set_gid when permissions are in the directory, when you create subdirectories or files, the groups that belong to the subdirectory or sub-files that you create are consistent with the groups that belong to that directory.


Linux Second week study notes (13)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.