Oracle Tips by Burleson

Special permission mode settings

There are a few special permission mode settings that are worthy of noting.

Mode Description

Sticky bit

Used for shared directories to prevent users from renaming or deleting each others files. The only users who can rename or delete files in directories with the sticky bit set are the file owner, the directory owner, or the super-user (root). The sticky bit is represented by the letter ‘t’ in the last position of the other permissions display. To set the sticky bit on a directory called /shared use either of the following commands:

chmod 1777 shared

or

chmod o+t shared

SUID

Set user ID, used on executable files to allow the executable to be run as the user owner of the executable rather than as the user logged into the system.

SGID

Set group ID, used on executable files to allow the file to be run as if logged into the group (like SUID but uses file group permissions).

SGID can also be used on a directory so that every file created in that directory will have the directory group owner rather than the group owner of the user creating the file.

It gets sticky

You can set a file permission to allow a user to take-on the authority of another user when they execute the program.

SUID allows you to take-on new identities

The following example displays the SUID permission mode that is set on the passwd command, indicated by the letter ‘s’ in the last position of the user permission display. Users would like to be able to change their own passwords instead of having to ask the System Administrator to do it for them.

Since changing a password involves updating the /etc/passwd file owned by root and protected from modification by any other user, the passwd command is executed as the root user

The above book excerpt is from:

Easy Linux Commands
Working Examples of Linux Command Syntax

ISBN: 0-9759135-0-6   

Terry Clark 

http://www.rampant-books.com/book_2005_1_linux_commands.htm