SUID and/or SGID bits set on an executable file cause it to run under the user and/or group security context of the file's owner and/or group.
For example, /etc/shadow file is owned and readable only by root user. But, users may still change their passwords with the passwd command,because the passwd command has its SUID bit set, and is owned by root:
-r-------- 1 root root 3713 Jan 6 2001 /etc/shadow
-r-s--x--x 1 root root 19336 Sep 7 2004 /usr/bin/passwd
SUID and SGID bits are set using the chmod command:
chmod u+s filename
chmod g+s filename
For example, /etc/shadow file is owned and readable only by root user. But, users may still change their passwords with the passwd command,because the passwd command has its SUID bit set, and is owned by root:
-r-------- 1 root root 3713 Jan 6 2001 /etc/shadow
-r-s--x--x 1 root root 19336 Sep 7 2004 /usr/bin/passwd
SUID and SGID bits are set using the chmod command:
chmod u+s filename
chmod g+s filename
No comments:
Post a Comment