Thursday, January 15, 2009

setuid & setgid

The bits with octal values 4000 and 2000 are the setuid and setgid bits. When set on executable files, these bits allow programs to access files and processes that would otherwise be off limits to the user who runs them.

Using Symbols

To add both the User ID and Group ID permissions to a file, you use the s option. The following example adds both permissions to the pppd program, which is owned by the root user. When an ordinary user runs pppd, the program runs with the privileges of its owner, root, which allows it to change root-owned files.

# chmod +s /usr/sbin/pppd

The Set User ID and Set Group ID permissions show up as an s in the execute position of the owner and group segments. Set User ID and Group ID are essentially variations of the execute permission, x: read, write, and User ID permissions appear as rws instead of rwx.

# ls -l /usr/sbin/pppd
-rwsr-sr-x 1 root root 184412 Jan 24 22:48 /usr/sbin/pppd


Using the Binary Method

For the ownership permissions, you add another octal digit to the beginning of the octal digits. The octal digit for the User ID permission is 4 (binary 100) and for the Group ID permission it is 2 (binary 010); use 6 (binary 110) to set both. The following example sets the User ID permission on the pppd program, along with read and execute permissions for the owner, group, and others:

# chmod 4555 /usr/sbin/pppd
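
Added example (not part of the original post): a POSIX shell sketch that decodes the 4000 and 2000 bits of an octal mode into the form ls -l shows, and lists the files under a directory that carry either bit so they can be reviewed. The function names are illustrative, and the sticky bit is ignored.

```sh
#!/bin/sh
# Added example: decode and audit setuid/setgid bits. Function names are
# illustrative; the modes in the demo loop come from the post (4555 and the
# rwsr-sr-x listing, which is 6755) plus one constructed case (4644).

# special_bits MODE: name the special bits present in an octal mode.
special_bits() {
    m=$((0$1))                       # leading 0 makes the shell read octal
    case $(( (m >> 10) & 3 )) in     # 4000 is bit 11, 2000 is bit 10
        3) echo "setuid+setgid" ;;
        2) echo "setuid" ;;
        1) echo "setgid" ;;
        *) echo "none" ;;
    esac
}

# triplet BITS SPECIAL: render rwx for one class. The execute slot shows
# 's' (special bit and x) or 'S' (special bit set, x missing for that class).
triplet() {
    case $(( $1 & 4 )) in 0) r=- ;; *) r=r ;; esac
    case $(( $1 & 2 )) in 0) w=- ;; *) w=w ;; esac
    case "$(( $1 & 1 ))$2" in
        11) x=s ;; 01) x=S ;; 10) x=x ;; *) x=- ;;
    esac
    printf '%s%s%s' "$r" "$w" "$x"
}

# symbolic MODE: the nine permission characters ls -l would print.
symbolic() {
    m=$((0$1))
    printf '%s%s%s\n' \
        "$(triplet $(( (m >> 6) & 7 )) $(( (m >> 11) & 1 )))" \
        "$(triplet $(( (m >> 3) & 7 )) $(( (m >> 10) & 1 )))" \
        "$(triplet $(( m & 7 )) 0)"
}

# audit_special DIR: list regular files under DIR that carry either bit,
# staying on one filesystem, so each can be checked against what is expected.
audit_special() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -exec ls -ld {} +
}

for mode in 4555 6755 4644; do
    printf '%s  %s  %s\n' "$mode" "$(symbolic "$mode")" "$(special_bits "$mode")"
done
```

A capital S in the output, as with 4644, means the special bit is set on a file that lacks execute permission for that class.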
