linux poison RSS
linux poison Email

Setting the SUID/SGID bits

SetUID bit, the executable which has the SUID set runs with the ownership of the program owner. That is, if you own an executable, and another person issues the executable, then it runs with your permission and not his. The default is that a program runs with the ownership of the person executing the binary.

The SGID bit is the same as of SUID, only the case is that it runs with the permission of the group. Another use is it can be set on folders,making files or folders created inside the SGID set folder to have a common group ownership.

Note : Making SUID and SGID programs completely safe is very difficult (or maybe impossible) thus in case you are a system administrator it is best to consult some professionals before giving access rights to root owned applications by setting the SUID bit. As a home user (where you are both the normal user and the superuser) the SUID bit helps you do a lot of things easily without having to log in as the superuser every now and then

Setting SUID bits on the file:
Suppose I got the executable called "killprocess" and I need to set the suid bit on this file, go to command prompt and issue command: chmod u+s killprocess

Now check permission on the file with command ls -l killprocess, observe "s" that has been added for suid bit

-rwsr-xr-x 1 root root 6 Jun  7 12:16 killprocess

Setting GUID bits on the file:
go to command prompt and issue command: chmod g+s killprocess
This will set the GUID bit on the same file, check the permission on this file using command: ls -l killprocess
 
-rwsr-sr-x 1 root root 6 Jun  7 12:16 killprocess


0 comments:

Post a Comment

Related Posts with Thumbnails