Home Linux Special permissions SUID, SGID and Sticky bit

Special permissions SUID, SGID and Sticky bit

Key Points:

1. What is SUID ?
2. SGID permission ?
3. Special permission Sticky bit ?

1. How to set UID (set-user Identification)

When SUID is set on a file and any user executed it, gets the same right as the owner have. For example, passwd command can be executed by any user to change the password. Because of SUID bit enabled on it and the user executes the file with the same rights as the owner (root) have.

suid bit enabled
suid bit enabled


Let’s take one more example to set- UID bit on a file ‘ file’. I have already discuss how to assign permissions by numeric method and now use digit 4 to assign SUID on a file before permissions as shown in below command:

[arun@localhost test]$ chmod  4744  file 
SUID bit set
SUID bit set

How to remove SUID from a file: Use the digit 0 before permissions.

 [arun@localhost test]$ chmod  0744  fil 

Key points: 1. SUID indicates by the symbol ‘s’.
2. Small ‘s’ indicates – execution permission enabled.
3. Capital ‘S’ means executable permission not present.
4. SUID bit set only on files, not on directories.

2. SGID ( set group identification)

SGID is behaves same as SUID, but SGID affects both the file as well as the directories and it is set on groups. When we set SGID bit on any directory, then all the sub-directories and files gets the same group ownership as the main directory has. It doesn’t matter who is creating or modifying the files or directory. Use prefix digit 2 before the permissions.

[arun@localhost test]$ sudo  chmod  2777  /test/
SGID set on linux
SGID set on linux

Remove SGID : Use the digit ’00’ before the permission

[arun@localhost test]$ sudo  chmod  00777  /test/

Key Point: Works on both files and directory.

3. Sticky bit

Stick bit used as extra secure bit on the directory and it has no effect on the files. When sticky bit applied on a directory, only be modified by the owners of the files or by the root only. Example of Sticky bit is /tmpwhere all the users can write but cannot delete the files of another user if sticky bit is enabled despite /tmp 777 (full permission) permission. To set sticky bit, use digit ‘1’ before the permissions. It is indicated by alphabet ‘t’.

[arun@localhost Desktop]$ chmod 1775 linux/
Sticky bit set on linux
Sticky bit set on linux


How to remove Sticky bit: Use digit ‘0’ before the permissions.

[arun@localhost Desktop]$ chmod 0775 linux/

Key Points: 1. It is indicated by alphabet ‘t’.
2. Small ‘t’ means executed permissions enabled.
3. ‘T’ means no execution permissions.





Congratulations !! You have successfully learned how to assign special permissions in linux.


LEAVE A REPLY

Please enter your comment!
Please enter your name here