Special privileges of special permissions in Linux

The following article is reproduced from http://blog.csdn.net/liuyuan_jq/article/details/1819085

Special Linux permissions: setuid, setgid, sticky)

(1) Directory x permission (execution ).
The executable permission of a file is simple, that is, whether the file can be executed. What does the directory execution permission mean?

Of course, it is impossible to execute this directory. In fact, if this execution permission is used on the directory, it will not

Indicates the meaning of execution, but the "Search" permission. When you want to access the/etc/httpd. conf file

You must have the X (Search) permission on the etc directory. Otherwise

You cannot access the httpd. conf file.

(2) setuid, setgid

That is: set-User ID bit, set-group ID bit.

Once this flag is set for a program, the process that runs the program will have all

For example, if one of your programs is owned by the root user and the setuid bit is set

A common user runs this program, but the identity of this program is the same as that of a Super User. It can access all resources that can only be accessed by the root user.

Setuid command usage:

To improve user permissions, normal users can execute the change command to upgrade themselves to the root

Chmod 4755 your_program

Setgid command usage:

Similar to setuid, the user binds all the group permissions of the file when executing the file. The setgid file is rarely used, usually both setuid and setgid.

Chmod 2755 your_program

Setuid and setgid command usage:

It is usually not used to enhance permissions, but to bind special permissions of a special user and its Group.

Chmod 6755 your_program

(3) sticky)

Eg:

Chmod 777 ABC

Chmod + T ABC

Equivalent

Chmod 1777 ABC

In the old system, if a program file is set with a sticking bit, when the program is aborted

All his command segments will be protected

Stored in the SWAp partition of the system, and can be transferred to the system more quickly during re-running. However, the current operating system

This function is no longer used. However

It does not indicate that this function has been completely deprecated. When a directory is set as a sticking bit, it will play a special role

When a directory is set to "Sticky Bit" (with chmod A + T ),
1. Delete super Administrator
2. Delete the owner of the Directory
3. Delete the owner of the file
That is to say, even if the directory can be written by anyone, only the owner of the file can delete the file.

----------------------------------------------------------------------------------

You can also refer to the following articles.

Http://www.guanwei.org/post/LINUXnotes/09/linuxmulu.html