Introduction
By usingsetuid、setgid 、sticky, they areLinuxSpecial permissions in can provide additional control over how files and directories are accessed and executed.
| Order | Octal numbers | Function |
|---|---|---|
| setuid | 4 | When executing a file, it runs with the permissions of the file owner, not the permissions of the user who executed it. |
| setgid | 2 | When executing a file, it will run with permissions of the file group. For directories, it will ensure that the file inherits the group of the directory. |
| sticky | 1 | For directories, it ensures that only the file owner can delete or rename the file, even if others have write permissions. |
setuid(Set User ID)
Typically used for executable binary files that require elevated permissions
Add setuid to the file
chmod u+s <filename>
Verify setuid
ls -l filename # The example output is as follows:-rwsr-xr-x 1 root root 12345 Nov 29 12:00 filename
The s in the owner's execution location (rws) represents setuid
Remove setuid
chmod u-s <filename>
setgid(Set Group ID)
When used on a file, make sure that the file runs with the file's group permissions, rather than the user's primary group permissions
When used on a directory, make sure that all files created within the directory inherit the group ownership of the directory, rather than the user's main group
Add setgid to a file or directory
chmod g+s <filename>/<directory>
Verify setgid
ls -ld <filename>/<directory> # The example output is as follows:drwxr-sr-x 2 user group 4096 Nov 29 12:00 directory_name
s in the group execution position (r-s) represents setgid
Remove setgid
chmod g-s <filename>/<directory>
sticky
Usually used for directories to prevent users from deleting or renaming files that are not their own, even if the directory has write permissions to them, and applies to shared directories such as /tmp
Add sticky bit
chmod +t <directory_name>
Verify sticky bit
ls -ld <directory_name> # The example output is as follows:drwxrwxrwt 2 user group 4096 Nov 29 12:00 directory_name
The t in the execution position of others (rwt) represents sticky (sticky bit)
Remove the sticky bit
chmod -t <directory_name>
Settings using octal numbers
chmod 6755 <filename> # First 6 = setuid + setgid (4 + 2)# The second 7 = owner's permissions rwx# The last two 5 = permissions of group and others r-x
This is the article about this article about how to set special permissions for Linux. For more related content on setting special permissions for Linux, please search for my previous articles or continue browsing the related articles below. I hope everyone will support me in the future!