Linux Second week study notes (13)

Linux second-week study notes (+)

2.19 Special Permissions Set_gid

Special Permissions Set_gid: This permission can be used on binary executables as well as in directories. The special permission set_gid permission bit is the function on the group permission bit, after the directory is set set_gid permission, Any user who creates a file in this directory has the same group as the group to which the directory belongs

-----------------------------------------------------------------------------------------------

[Email protected] ~]# chmod g+s/usr/bin/ls

[Email protected] ~]# ls-l/usr/bin/ls

-rwxr-sr-x. 1 root root 117656 Month 6 /usr/bin/ls

add set_gid after permission in the group's permission bit more than a small "s" -rwxr- s r-x. /usr/bin/ls set_gid set_uid set_uid set_gid

----------------------------------------------------------------------------------------------

Set_gid permissions function on the file ( /usr/bin/ls ):

Join Set_gid permission to see if a normal user can view /root/ permissions for the directory:

Root the user gives /usr/bin/ls File Additions Set_gid Permissions :

[Email protected] ~]# chmod g+s/usr/bin/ls

[Email protected] ~]# ls-l/usr/bin/ls

-rwxr-sr-x. 1 root root 117656 Month 6 /usr/bin/ls

Whether you can view it under a normal user /root/ Directory:

[Email protected] ~]$ ls-l/root/

Total Dosage A

-rwx------1 root root 0 1 Month 123.txt 20:53

-rw-------. 1 root root 1418 1 Month 08:19 anaconda-ks.cfg

-rw-r--r--1 root root 4358 1 Month 23:24 anaconda-ks.cfg.1

[Email protected] ~]$ ls-ld/root/

Dr-xr-x---. 3 root root 203 1 months 20:53/root/

Join Set_gid permissions can be viewed later /root/ directory, because /root/ This directory is for Root Group also has R-x permissions are read and open, so set the Set_gid permissions are then able to view /root/ directory.

-----------------------------------------------------------------------------------------------

Set_gid permissions function on the directory:

[Email protected] tmp]# ls-l

Total Dosage A

drwxr-xr-x 3 root root 2 Month 1 23:29 001

drwxr-xr-x 2 root root 6 2 Month 3 15:25 002

-rw-r--r--1 root root 2 Month 1 23:37 123456.txt

-rw-r--r--1 root root 0 2 Month 1 22:09 123.txt

-rw-r--r--1 root root 2 Month 1 23:03 12.txt put Set_gid Permission Additions Set_gid permissions to 002 Directory:

[Email protected] tmp]# chmod g+s 002

[Email protected] tmp]# ls-l

Total Dosage A

drwxr-xr-x 3 root root 2 Month 1 23:29 001

drwxr-sr-x 2 root root 6 2 month 3 15:25 002

-rw-r--r--1 root root 2 Month 1 23:37 123456.txt

-rw-r--r--1 root root 0 2 Month 1 22:09 123.txt

-rw-r--r--1 root root 2 Month 1 23:03 12.txt

Change 002 the owning group of the directory :

[Email protected] tmp]# ls-l

Total Dosage A

drwxr-xr-x 3 root root 2 Month 1 23:29 001

Drwxr-sr-x 2 root user 6 2 month 3 15:25 002

-rw-r--r--1 root root 2 Month 1 23:37 123456.txt

-rw-r--r--1 root root 0 2 Month 1 22:09 123.txt

-rw-r--r--1 root root 2 Month 1 23:03 12.txt

in the 002 create a file under directory :

[email protected] tmp]# Touch 002/daizhihong

[Email protected] tmp]# ls-l 002/

Total Dosage 0

-rw-r--r--1 root user 0 2 month 3 15:40 daizhihong

Create /daizhihong/ after the file belongs to the group is also User User Group,

Create a subdirectory to see if the user group is User user groups:

[Email protected] tmp]# mkdir 002/yngndzh

[Email protected] tmp]# ls-l 002/

Total Dosage 0

-rw-r--r--1 root user 0 2 Month 3 15:40 Daizhihong

drwxr-sr-x 2 Root user 6 2 Month 3 15:44 yngndzh

you can see the subdirectories created /yngndzh/ user groups are also User user groups, and drwxr-sr-x the group permission bit is also automatically added Set_gid permissions.

Remove Set_gid permissions again to see if the user group is still User user groups:

[[Email protected]hong01 tmp]# chmod g-s 002

[Email protected] tmp]# ls-l

Total Dosage A

drwxr-xr-x 3 root root 2 Month 1 23:29 001

drwxr-xr-x 3 root user 2 Month 3 15:44 002

-rw-r--r--1 root root 2 Month 1 23:37 123456.txt

-rw-r--r--1 root root 0 2 Month 1 22:09 123.txt

-rw-r--r--1 root root 2 Month 1 23:03 12.txt

[email protected] tmp]# Touch 002/daizhihong123

[Email protected] tmp]# ls-l 002

Total Dosage 0

-rw-r--r--1 root user 0 2 Month 3 15:40 Daizhihong

-rw-r--r--1 root root 0 2 month 3 15:51 daizhihong123

drwxr-sr-x 2 Root user 6 2 Month 3 15:44 Yngndzh

[Email protected] tmp]# ls-l 002

Total Dosage 0

-rw-r--r--1 root user 0 2 Month 3 15:40 Daizhihong

-rw-r--r--1 root root 0 2 Month 3 15:51 daizhihong123

drwxr-sr-x 2 Root user 6 2 Month 3 15:44 Yngndzh

Drwxr-xr-x 2 root root 6 2 month 3 15:54 yngndzh123

The new file is now /daizhihong123/ the permissions of the user group become Root , create /yngndzh23/ the permissions for the directory user group also become Root .

This shows a directory setting Set_gid permission, the group that created the sub-file or subdirectory under this directory will be consistent with the parent directory.

Set_gid permissions: Not only can work on the file can also function in the directory, when Set_gid when permissions function on a file and Set_uid permissions are very similar, Set_gid permissions allow an ordinary user to temporarily have the identity of the owning group.

Set_gid when permissions are in the directory, when you create subdirectories or files, the groups that belong to the subdirectory or sub-files that you create are consistent with the groups that belong to that directory.

Linux Second week study notes (13)