The basic security of a Linux computer is based on file permissions. In this article, I will explain some Linux special permissions which you can set for files and directories.
Linux Special permissions
- sticky bit
The suid/setuid bit is represented by s (Octal 4).This special permission allows a user to access files and directories that are normally only available to the owner. Usually, when a user executes a command that access files, the system checks the user’s permissions for the files. In some cases, this may cause problems. For example, the suid permission on the passwd command makes it possible for a normal user to change passwords by updating few system files like /etc/passwd and /etc/shadow which can’t be updated by non-root accounts. Therefore, passwd command always run with root user rights.
-rwsr-xr-x 1 root root 54256 Mar 29 14:55 /usr/bin/passwd*
How can we set SUID?
First of all the octal digit for the sgid is 2.It is almost similar to suid, except that the process will have the same group rights of the file being executed. When sgid permission is applied to a directory, all sub directories and files created inside this directory will get the same group ownership as main directory and not to the user’s group ownership.
How can we set SGID?
The sticky bit is represented by t (octal -1). It is mainly used to protect files within a directory. So, if a directory has the sticky bit set, a file can be deleted only by the owner of the file, the owner of the directory, or by root. This is useful for publically accessible directories like /tmp.
How can we set Sticky Bit?