Lecture # 21 - SUID, SGID, and Sticky Bit

Lecture # 21 - SUID, SGID, and Sticky Bit

Special Permissions in Linux.

Special Permissions:

Linux offers some special permissions:

  • SUID

  • SGID

  • Sticky Bit

These permissions allow the non-owner user to perform different tasks on the files or directories that can only be accessed by the owner user. Once these permissions are set, the normal user can access the specific file or directory without owner user privileges.

  1. SUID:

    The SUID stands for Set-User Identification. It acts as a permission flag on an executable file that allows to execute the file with same permissions as the owner of the executable file.

    Set SUID permission (Symbolic Mode):sudo chmod u+s [file-name]

    Set SUID permission (Octal Mode):sudo chmod 4[octal-combination] [file-name]

    Remove SUID permission (Symbolic Mode):sudo chmod u-s [file-name]

    Remove SUID permission (Octal Mode):sudo chmod 0[octal-combination] [file-name]

  1. SGID:

    The SGID stands for Set-Group Identification. It acts as a permission flag on an executable file, that allows to execute the file with same permissions as the group owner of the executable file. If the directory has the SGID permission then all its files and subdirectories will have the same group ownership as the owner user.

    Set SGID permission (Symbolic Mode):sudo chmod g+s [file-name]

    Set SGID permission (Octal Mode):sudo chmod 2[octal-combination] [file-name]

    Remove SGID permission (Symbolic Mode):sudo chmod g-s [file-name]

    Removing SGID permission (Octal Mode):sudo chmod 0[octal-combination] [file-name]

  2. Sticky Bit:

    The sticky bit works on the directory. With sticky bit set on a directory, all the files in the directory can only be deleted or renamed by the file owners only or the root.

    Set Sticky Bit permission (Symbolic Mode):sudo chmod +t [directory-name]

    Set Sticky Bit permission (Octal Mode):sudo chmod 1[octal-combination] [directory-name]

    Remove Sticky Bit permission (Symbolic Mode):sudo chmod -t [directory-name]

    Remove Sticky Bit permission (Octal Mode):sudo chmod 0[octal-combination] [directory-name]