My Tech notes: Quick Note on Set-User-Id (SUID) flag

Unix Documentation

Free Online Unix Training Materials

Lists many links to free Unix training materials.

Pointers and Arrays Materials

Pointers and Arrays materials Explained for C beginners

C FAQ and General Questions C Interview Questions

Powered By

Free XML Skins for Blogger

Powered by Blogger

Tuesday, June 17, 2008

Quick Note on Set-User-Id (SUID) flag

set-user-id (suid) flag set on file
A binary owned by root with set-user-id flag set runs with root privileges, even when an ordinary user invokes it. [2] This is useful for executables (such as pppd and cdrecord) that need to access system hardware. Lacking the suid flag, these binaries could not be invoked by a non-root user.
-rwsr-xr-t 1 root 178236 Oct 2 2000 /usr/sbin/pppd

Using chmod how to set this flag?
A numeric mode is from one to four octal digits (0-7), derived by adding up the bits with values 4, 2, and 1. Omitted digits are assumed to be leading zeros, except that if the first digit is omitted, a directory's set user and group ID bits are not affected. The first digit selects the set user ID (4) and set group ID (2) and restricted deletion or sticky (1) attributes.
The second digit selects permissions for the user who owns the file: read (4), write (2), and execute (1);
the third selects permissions for other users in the file's group, with the same values;
Fourth for other users not in the file's group, with the same values.

chmod 4777 /sbin/ifconfig
sets the set-uid bit
chmod 2777 /sbin/ifconfig
sets the set-gid bit

No comments:

Post a Comment