The use of suid sgid sticky in linux __linux

SUID to set User ID
SGID is set Group ID

SUID

When an executable with a suid bit is executed, the file will run as the owner, meaning that whoever executes the file has the file owner's privileges.

If the owner is root, then the executor has the privilege of being superuser.

SGID

When an executable with a sgid bit is run, the file will have the privileges of the owning group and arbitrarily access the system resources that the entire group can use.

If a directory is set to Sgid, all files that are copied to this directory will be reset to the same directory, unless you add the parameters of-p (preserve, reserved file attributes) to the file to keep the group settings that you originally belong to.

Sticky-bit

After a file has been set Sticky-bit, the owner must perform the deletion, move, and so on, although other users have write permissions.

After a sticky-bit is set up for a directory, the file stored in the directory allows only the owner to perform the deletion, move, and so on.

Popular Understanding:

Suid is the privilege of adding suid to a file, the other user has the right to the owner of the file.
Sgid is the privilege of adding sgid to a file, the other user has the permissions of the group to which the file belongs.
The method is chmod o+s or chmod g+s
chmod o+t is the file created by this account, and no one else can delete it except himself.
chmod g+t is the file created by this group, and no one else can delete it.

Here's what you need to know before you set up

View File Permissions

Use the Ls-l command in Linux to view file permissions

For the top ten D rwx r-x r-x

The 1th bit represents the file type, which can be P, D, L, S, C, B, and-:

-Represents a normal file

s represents the socket file

c indicates character device files

b represents a block device file

P represents a named pipe file

D Represents a catalog file

L represents a symbolic connection file

The next three bits are a set of No. 234, 456, 789 bits that represent the permissions of the file owner, the permissions of the same group of users, the permissions of other users in the form of "r,w,x,-" four, where R-readable w can write x executable-no permissions

Examples of using suid Sgid

Why to use Suid/guid.

If I manage several large database systems, it requires system administration permissions to back them up. I wrote a few scripts and set up their G u i d, and some of the users I specified would be able to do the job as long as the scripts were executed without the need to be a database administrator
Log in to avoid accidentally damaging the database server. By executing these scripts, they can perform database backups and other administrative tasks, but after these scripts are run, they revert back to their rights as normal users.

The order to add suid and subtract suid to the document is as follows:

chmod u+s filename set suid bit

chmod u-s filename Remove suid settings

Sgid Settings and Removal commands

chmod g+s filename Set sgid bit

chmod g-s filename Remove sgid settings

About the use of sticky

chmod o +t filename set sticky bit

chmod o-t filename Remove sticky bit

* * About SUID instance use

First create a file under the normal user touch 1

View its permissions ll 1

Its file owner is the ordinary user Redhat

Modify the touch permission under root/usr/bin

chmod U+s Touch

Switch to normal user create a file touch 2

View its permissions ll 2

Its file owner is Superuser root

The use of suid is probably this way.

A summary of the examples used for sgid and sticky.

1-16.1.10. 0:27 am