setuid (set user identifier) bit:
When setuid bit is set on executable file at the file owner level, the file is executed by other regular users with the same privileges as that of the file owner.
# chmod 4755 test.sh
Or
# chmod u+s test.sh
# ls -l test.sh
-rwsr-xr-x. 1 root root 0 Jan 23 16:37 test.sh
# find . -perm -4000
./test.sh
setgid (set group identifier) bit:
When setgid attribute is set on executable files at the group level, the file is executed by non-owners with the exact same privileges that the group members have. The setgid bit can also be set on group-shared directories to allow files and sub-directories created in that directory to automatically inherit the directory's owning group.
# chmod 2555 test
Or
# chmod g+s test
# ls -ld test
dr-xr-sr-x. 2 root root 6 Jan 23 16:40 test
# find . -perm -2000
./test
sticky bit:
The sticky bit is set on public writable directories (or other directories with rw permission for everyone) to protect files and sub-directories owned by regular users from being deleted or moved by other regular users.
# chmod 1755 test
or
# chmod o+t test
# ls -ld test
drwxr-x--T. 2 root root 6 Jan 23 16:46 test
# find . -perm -1000
./test
Reference:
RHCSA & RHCE Red Hat Enterprise Linux 7: Training and Exam Preparation Guide (EX200 and EX300), Third Edition
http://www.amazon.com/s/ref=nb_sb_noss_2?url=search-alias%3Dstripbooks&field-keywords=rhcsa+rhce+red+hat+
No comments:
Post a Comment