Wednesday 21 December 2011

SUID and SGID bit executables

SUID and/or SGID bits set on an executable file cause it to run under the user and/or group security context of the file's owner and/or group.

For example, /etc/shadow file is owned and readable only by root user. But, users may still change their passwords with the passwd command,because the passwd command has its SUID bit set, and is owned by root:

-r--------  1 root root 3713 Jan  6  2001 /etc/shadow
-r-s--x--x  1 root root 19336 Sep  7  2004 /usr/bin/passwd

SUID and SGID bits are set using the chmod command:

chmod u+s  filename

chmod g+s  filename

No comments:

Post a Comment

Tweets by @sriramperumalla