setuid and setgid are access rights flags that allow users to run executable file with the permissions of the executable's owner or group respectively...
When any user runs an executable file that has either of these bits set, then the system gives the user the identity of the owner (or group) of the executable.
If an executable has the setuid bit set then when any other user runs this executable the effective user ID of the process will be switched to the user who owns this file. If gid bit is set then the process will be executed under the group of the file.
In a similar way.. if sticky bit is set on a directory then files inside the directory can be renamed or removed only by the owner of the file, owner of the dir or the root..
chmod u+s executable - set the setuid bit.
chmod g+s executable - set the setgid bit.
chmod u+t directory - set the sticky bit or directories
Numerically...
chmod 4777 executable - setuid and read/write/execute for everyone.
chmod 2777 executable - setgid and read/write/execute for everyone.
chmod 1777 directory - set sticky bit and read/write/passthrough for a directory.
http://en.wikipedia.org/wiki/Setuid
No comments:
Post a Comment