As we all know, Linux file permissions such as: 777;666, in fact, as long as the corresponding file with the UID of the permissions, you can use to add permissions to the identity of the person to run this file. So we just have to copy bash out to another place, and then use root with UID permissions, and as long as the user runs the shell, it can execute any file with the identity of root.
A file has an owner that indicates who created the file. At the same time, the file also has a group number that represents the group to which the file belongs, typically the group to which the file owner belongs.
In the case of an executable file, the file normally has only the permissions of the user who invoked the file at execution time. And setuid, Setgid can change this setting.
Setuid: Sets permissions that make the file the owner of the file during the execution phase. The typical file is/usr/bin/passwd. If the normal user executes the file, the file can get root permissions during execution, allowing the user's password to be changed.
Setgid: This permission is valid only for directories. When the directory is set to this bit, any user created under this directory has the same group as the group that the directory belongs to.
Sticky bit: This bit can be understood as an anti-deletion bit. Whether a file can be deleted by a user depends primarily on whether the group to which the file belongs has write permissions for that user. If you do not have write permission, all files in this directory cannot be deleted, and new files cannot be added. If you want users to be able to add files and not delete files at the same time, you can use the sticky bit bit for the file. After this bit is set, the file cannot be deleted even if the user has write permission to the directory.
Let's say how to manipulate these flags:
Manipulating these flags is the same as the command to manipulate file permissions, all chmod. There are two ways to operate,
1 chmod U+s Temp--add setuid flag to temp file. (setuid only valid for files)
chmod g+s tempdir--setgid flag for TempDir directory (setgid only valid for directory)
chmod o+t Temp--add sticky flag to temp file (sticky only valid for files)
2) Adopt Octal method. For general documents through three sets of octal numbers to mark, such as 666, 777, 644. If you set these special flags, a set of octal numbers is added outside this set of numbers. such as 4666, 2777 and so on. This group of octal digits has the following meanings: three digits,
Abc
A-setuid bit, if the bit is 1, the setting setuid
B-setgid bit, if the bit is 1, the setting setgid
C-sticky bit, if the bit is 1, the setting sticky
After you have set these flags, you can use ls-l to view them. If these flags are present, they are displayed at the original execution flag location. Such as
rwsrw-r--says there are setuid signs.
rwxrwsrw-says there are setgid signs.
RWXRW-RWT says there are sticky signs.
So where did the original execution Mark X go? The system is so specified that if there is an X on that bit, these special flags appear as lowercase letters (s, s, T). Otherwise, display as uppercase letters (s, S, T)
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
