When setuid (set-user identification) permission is set on an executable file or any ile, a process that runs this file is granted access based on the owner of the file (usually root), rather than the user who created the process. This permission enables a user to access files and directories that are normally available only to the owner.
The setuid permission is shown as an "s" in the file permissions.
# ls -l
-rw-r--r-- 1 admin other 54 Aug 8 01:43 pss.sh
# chmod 4554 pss.sh
#ls -l pss.sh
-r-sr-xr-- 1 admin other 54 Aug 8 01:43 pss.sh
You setuid permissions by using the chmod command to assign the octal value 4 as the first number in a series of four octal values
setgid Permission :
The setgid (set-group identification) permission is similar to setuid, except that the effective group ID for the process is changed to the group owner of the file and a user is granted access based on permissions granted to that group. The pss.sh program has setgid permissions:
# chmod 2554 pss.sh
# ls -l
-r-xr-sr-- 1 admin other 54 Aug 8 01:43 pss.sh
You can set setgid permissions by using the chmod command to assign the octal value 2 as the first number in a series of four octal values.
If you need to use both UID and GID on same file.follow below
# chmod 4554 pss.sh
# chmod g+s pss.sh
# ls -l
-r-sr-sr-- 1 admin other 54 Aug 8 01:43 pss.sh
Both files are enabled for UID/GID.
1 comment:
you can also use
#chmod 64554 filename
for group sticky bit access.
Post a Comment