What is SUID, SGID and Sticky bit in Linux
In this post, we are going to discuss three special types of permissions that can be set on executable files and public directories to meet our requirements. When these permissions are set, a user who runs the executable file takes on the user ID (or group ID) of the file's owner while that program runs.
SETUID Permission on Executable Files
Whenever the SETUID permission is set on an executable file, anyone executing that command (file) runs it with the permissions of the file's owner. The SETUID permission is displayed as an “s” in the owner's execute field. In the example below, the SETUID permission on the “passwd” command is what allows users to change their password.
# ls -ltr /usr/bin/su /usr/bin/passwd
-r-sr-xr-x 1 root sys 25124 Feb 13 2009 /usr/bin/su
-r-sr-sr-x 1 root sys 22644 Aug 6 2010 /usr/bin/passwd
#
To set the SETUID permission on an executable, the syntax is
# chmod 4555 [executable_file]
For example (note that ls shows a capital “S” when the SETUID bit is set but the owner's execute bit is not, and a lowercase “s” once execute is set as well):
# touch /var/tmp/geeksearch_setuid
#
# ls -ltr /var/tmp/geeksearch_setuid
-rw-r--r-- 1 root root 0 Sep 18 20:47 /var/tmp/geeksearch_setuid
# chmod 4644 /var/tmp/geeksearch_setuid
#
# ls -ltr /var/tmp/geeksearch_setuid
-rwSr--r-- 1 root root 0 Sep 18 20:47 /var/tmp/geeksearch_setuid
#
# chmod 4555 /var/tmp/geeksearch_setuid
#
# ls -ltr /var/tmp/geeksearch_setuid
-r-sr-xr-x 1 root root 0 Sep 18 20:47 /var/tmp/geeksearch_setuid
#
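The listings above show how the special bits change the owner, group and other execute fields of the mode string. The helper below is an added example, not code from the original post: it decodes an octal mode such as 4644 or 2555 into the string ls prints, including the capital S/T that appears when a special bit is set without its execute bit. The function name mode_to_symbolic is my own.

```shell
#!/bin/sh
# Added example (not code from the original post): decode an octal mode such
# as 4755 into the symbolic string that ls prints (rwsr-xr-x). It covers the
# three special bits from the post (4 = SETUID, 2 = SETGID, 1 = sticky) and
# the capital S/T that ls shows when a special bit is set without its execute
# bit, as in the "-rwSr--r--" listing above.

mode_to_symbolic() {
    mode=$1
    case ${#mode} in
        3) special=0;            perm=$mode ;;      # no special digit given
        4) special=${mode%???};  perm=${mode#?} ;;  # leading digit holds the special bits
        *) echo "usage: mode_to_symbolic NNN|NNNN" >&2; return 1 ;;
    esac
    out=""
    pos=0
    # Walk the user, group and other triplets in order.
    for digit in $(printf '%s' "$perm" | sed 's/./& /g'); do
        r='-'; w='-'; x='-'
        if [ $((digit & 4)) -ne 0 ]; then r='r'; fi
        if [ $((digit & 2)) -ne 0 ]; then w='w'; fi
        if [ $((digit & 1)) -ne 0 ]; then x='x'; fi
        # Which special bit lands in this triplet's execute slot.
        case $pos in
            0) bit=4; lower='s'; upper='S' ;;   # SETUID shows in the owner field
            1) bit=2; lower='s'; upper='S' ;;   # SETGID shows in the group field
            2) bit=1; lower='t'; upper='T' ;;   # sticky bit shows in the other field
        esac
        if [ $((special & bit)) -ne 0 ]; then
            # lowercase when execute is also set, uppercase when it is not
            if [ "$x" = 'x' ]; then x=$lower; else x=$upper; fi
        fi
        out="$out$r$w$x"
        pos=$((pos + 1))
    done
    printf '%s\n' "$out"
}

# The modes used in the post, decoded:
for m in 4555 4644 2555 1777 755; do
    printf '%s -> %s\n' "$m" "$(mode_to_symbolic "$m")"
done
```

Running it prints, for example, `4644 -> rwSr--r--` and `4555 -> r-sr-xr-x`, matching the two listings above; the uppercase S is the quick visual sign of a SETUID bit on something that is not actually executable by its owner.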
To search for SETUID files
You can search for SETUID files on your system or in a specific directory using the find command (-perm -4000 matches any file that has the SETUID bit set, whatever its other permission bits are). For example:
# find / -user root -perm -4000 -exec ls -ldb {} \;|head -2
-r-sr-xr-x 1 root root 0 Sep 18 20:47 /var/tmp/test_setuid
-r-sr-sr-x 1 root sys 22644 Aug 6 2010 /usr/bin/passwd
#
SETGID Permission on Executable Files
SETGID permission is similar to the SETUID, except that the process’s effective group ID (GID) is changed to the group owner of the file, and a user is granted access based on permissions assigned to that group.
# ls -ltr /usr/bin/mail /usr/bin/write
-r-xr-sr-x 1 root tty 14208 Jan 23 2005 /usr/bin/write
-r-x--s--x 1 root mail 58872 Aug 6 2010 /usr/bin/mail
To set the SETGID permission on an executable, the syntax is (the g+s form is used below on a directory, where the SETGID bit makes files created inside it inherit the directory's group):
# chmod 2555 [executable_file]
# chmod g+s [directory]
For example:
# touch /var/tmp/geeksearch_setgid
#
# ls -ltr /var/tmp/geeksearch_setgid
-rw-r--r-- 1 root root 0 Sep 18 21:01 /var/tmp/geeksearch_setgid
#
# chmod 2555 /var/tmp/geeksearch_setgid
# chmod g+s /var/tmp/geeksearch_SETGID
#
# ls -ltr /var/tmp/geeksearch_setgid
-r-xr-sr-x 1 root root 0 Sep 18 21:01 /var/tmp/geeksearch_setgid
#
# ls -ld /var/tmp/geeksearch_SETGID
dr-xr-sr-x 2 root root 512 Sep 18 21:06 /var/tmp/geeksearch_SETGID
#
To search for SETGID files:
# find / -user root -perm -2000 -exec ls -ldb {} \;|head -2
-r-xr-sr-x 1 root root 0 Sep 18 21:01 /var/tmp/geeksearch_setgid
dr-xr-sr-x 2 root root 512 Sep 18 21:06 /var/tmp/geeksearch_SETGID
#
Sticky Bit Permission on Public Directories
If a directory has the sticky bit set, a file inside it can be deleted only by the owner of the file, the owner of the directory, or the root user. This special permission prevents users from deleting other users' files in public directories such as /tmp.
# ls -ld /tmp
drwxrwxrwt 10 root sys 854 Sep 18 22:09 /tmp
#
To set the sticky bit permission on a folder, the syntax is
# chmod 1777 [Public_Directory]
For example:
# mkdir -p /vat/rmp/geeksearch_stickybit
#
# chmod 1777 /vat/rmp/geeksearch_stickybit
#
# ls -ld /vat/rmp/geeksearch_stickybit
drwxrwxrwt 2 root root 512 Sep 18 22:41 /vat/rmp/geeksearch_stickybit
#
To search for sticky bit folders
Similarly, we can search for directories that have the sticky bit set. For example:
# find / -user root -perm -1000 -exec ls -ldb {} \;|head -2
drwxrwxrwt 3 root mail 512 Aug 13 01:05 /var/mail
drwxrwxrwt 2 root root 512 Sep 18 22:41 /vat/rmp/geeksearch_stickybit
#
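The three find searches above (for SETUID files, SETGID files and sticky bit directories) are the raw material of a routine audit: the set of special-permission entries on a host should change rarely, and a new SETUID file is worth a look. The script below is an added example, not code from the original post. It wraps the three searches in one function, tags each hit, and compares a fresh scan against a saved baseline. The function names find_special_perms and compare_to_baseline, and the file names in the demo, are my own, and the demo runs on throwaway files in a scratch directory rather than on real system binaries.

```shell
#!/bin/sh
# Added example (not code from the original post): one helper that runs the
# three find searches from the post (SETUID, SETGID, sticky bit) in a single
# function, tags each hit, and compares the result with a saved baseline so
# that a SETUID/SETGID file or sticky directory that appeared since the last
# audit stands out. Paths and file names in the demo are constructed.

# Print "TAG path" for every entry under $1 that carries a special bit.
# -perm -NNNN matches entries that have at least those bits set, so a file
# with mode 6755 is reported under both SUID and SGID.
find_special_perms() {
    dir=$1
    {
        find "$dir" -type f -perm -4000 -exec printf 'SUID %s\n' {} \;
        find "$dir" -type f -perm -2000 -exec printf 'SGID %s\n' {} \;
        find "$dir" -type d -perm -1000 -exec printf 'STICKY %s\n' {} \;
    } | sort
}

# Compare a fresh scan of $1 with the baseline file $2 (a previous
# find_special_perms listing). Prints the entries that are new and returns 1
# when any exist, so the function can gate a scheduled check.
compare_to_baseline() {
    dir=$1
    baseline=$2
    new=$(find_special_perms "$dir" | comm -13 "$baseline" -)
    if [ -n "$new" ]; then
        printf '%s\n' "$new" | sed 's/^/NEW: /'
        return 1
    fi
    return 0
}

# Demo on a scratch directory: the modes used in the post, applied to
# throwaway files rather than to real system binaries.
demo_dir=$(mktemp -d)
touch "$demo_dir/setuid_bin" "$demo_dir/setgid_bin" "$demo_dir/plain_bin"
mkdir "$demo_dir/shared"
chmod 4555 "$demo_dir/setuid_bin"
chmod 2555 "$demo_dir/setgid_bin"
chmod 0555 "$demo_dir/plain_bin"
chmod 1777 "$demo_dir/shared"

find_special_perms "$demo_dir" > "$demo_dir/baseline.txt"
cat "$demo_dir/baseline.txt"

# A SETUID file that appears after the baseline was taken is flagged.
touch "$demo_dir/unexpected_bin"
chmod 4555 "$demo_dir/unexpected_bin"
if compare_to_baseline "$demo_dir" "$demo_dir/baseline.txt"; then
    echo "no change since baseline"
else
    echo "special-permission set changed; review the NEW lines"
fi
rm -rf "$demo_dir"
```

On a real host you would run find_special_perms over / (as in the post's find examples, which also restrict to -user root), keep the listing somewhere the audited host cannot modify, and let compare_to_baseline's non-zero return drive an alert. The sort step matters: comm expects both inputs in the same order, so the baseline must come from the same function.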