Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Permission Question
Top Forums UNIX for Dummies Questions & Answers Permission Question Post 302269218 by Tiger75 on Wednesday 17th of December 2008 05:56:33 AM
Old 12-17-2008
s stands for setting the User ID/Group ID.
t stands for setting the Sticky bit
  • SUID or setuid: change user ID on execution. If setuid bit is set, when the file will be executed by a user, the process will have the same rights as the owner of the file being executed.
  • SGID or setgid: change group ID on execution. Same as above, but inherits rights of the group of the owner of the file. For directories it also may mean that when a new file is created in the directory it will inherit the group of the directory (and not of the user who created the file).
  • Sticky bit. It was used to trigger process to "stick" in memory after it is finished, now this usage is obsolete. Currently its use is system dependant and it is mostly used to suppress deletion of the files that belong to other users in the folder where you have "write" access to.
The most common use of the sticky bit today is on directories, where, when set, items inside the directory can only be renamed or deleted by the item's owner, the directory's owner, or the superuser. Generally this is set on the /tmp directory to prevent ordinary users from deleting or moving other users' files.
The sticky bit can only be set by superuser root. Using the chmod command, it can be set using its octal mode 1000 or by its symbol t (s is already used by the setuid bit).
SUID stands for "Set User-ID". If the suid bit is enable on an executable, then whenever that program is run the process will take on the privilege of whoever the file owner is. For example if I have a suid binary which is owned by "root" and I execute it as my normal (non-root) user name, it will execute with all the permissions of root.


SUIDIf set, then replaces "x" in the owner permissions to "s", if owner has execute permissions, or to "S" otherwise. Examples:
-rws------ both owner execute and SUID are set
-r-S------ SUID is set, but owner execute is not setSGIDIf set, then replaces "x" in the group permissions to "s", if group has execute permissions, or to "S" otherwise. Examples:
-rwxrws--- both group execute and SGID are set
-rwxr-S--- SGID is set, but group execute is not setStickyIf set, then replaces "x" in the others permissions to "t", if others have execute permissions, or to "T" otherwise. Examples:
-rwxrwxrwt both others execute and sticky bit are set
-rwxrwxr-T sticky bit is set, but others execute is not set
 

10 More Discussions You Might Find Interesting

1. Filesystems, Disks and Memory

Tricky File Permission Question

I'm trying to answer the following question about file permissions in Unix. Consider a file with the following permissions: rwx---r-- I am not the owner of this file, but I am a member of the group of this file. My question is: do I have read access to this file? I thought... (3 Replies)
Discussion started by: Hook
3 Replies

2. UNIX for Dummies Questions & Answers

Basic question re. permission denied

Hi I have a folder with permissions like this: drwxr-xr-x 2 root root 4096 Mar 4 18:02 sites But when I try to cd to this directory as 'testuser' (member of testuser) I get Permission Denied. My understanding of permissions is that in this case other (say testuser) should be able to... (2 Replies)
Discussion started by: justinwyllie
2 Replies

3. UNIX for Dummies Questions & Answers

group & user permission question

Folks; I'd like to create a group on my Linux box & add a few users to it. Is there a way to do so and restrict this group/users to have access to only one or directory trees? Let's say i need this group to only have a read write access to only these two directories /opt/Virtu & /fsn/comers ... (10 Replies)
Discussion started by: Katkota
10 Replies

4. UNIX for Dummies Questions & Answers

a permission question

what permissions are needed in order to run an executable file if you ae not the ownner? read, and excute? would it be chmod 717? (5 Replies)
Discussion started by: trob
5 Replies

5. Ubuntu

Permission (I Think)

Pictures by worthamtx - Photobucket The URL is graphic view my present concern. Old partition working great sdb1 both appear on nautilus, both deliver icons to desk top. Based on the label handling of gparted results I tried following with success sudo mkdir /media/disk/data sudo chown... (1 Reply)
Discussion started by: 77yrold
1 Replies

6. UNIX for Dummies Questions & Answers

Simple question on unix file permission

As I understand the file permissions in UNIX is basically Owner, group, others Lets assume scott user who's primary group is dev creates a file called test.dat and then grants some privileges on that file... scott@unix-host> echo "this is a test" > test.dat scott@unix-host> chmod 640... (4 Replies)
Discussion started by: luft
4 Replies

7. UNIX for Dummies Questions & Answers

permission question

Hi, On the Redhat ES, when I do ls -l I see dot (.) after the permission. I never saw on other UNIX systems. Is that some thing new RH 6? -rw-r--r--. <---- this dot, I am referring to -rw-r--r--. 1 root root 18 May 20 2009 .bash_logout -rw-r--r--. 1 root root 176 May 20 ... (1 Reply)
Discussion started by: samnyc
1 Replies

8. Red Hat

SeLinux permission question

Hi, in /etc/httpd/conf/httpd.conf #DocumentRoot "/var/www/html" DocumentRoot "/home/phpmy/html" when I restarted httpd # /etc/init.d/httpd restart Stopping httpd: Starting httpd: Syntax error on line 293 of /etc/httpd/conf/httpd.conf:... (0 Replies)
Discussion started by: jediwannabe
0 Replies

9. UNIX for Dummies Questions & Answers

File Permission question

Experts: i want to change this permission back to the way it was: Initial: drwxr-xr-x 8 oracle oinstall 4096 Jun 5 15:21 oracle Now: drwxr-xr-x 8 oracle oinstall 4096 Jun 5 15:21 oracle drwsr-sr-x 8 oracle oinstall 4096 Jun 5 15:21 oracle Now I want to switch it back to ... (2 Replies)
Discussion started by: sumang24
2 Replies

10. Shell Programming and Scripting

Permission denied question

Dear forum members, Below is my code, but I am getting permission denied when I try to run the script. Can someone explain what I am missing. I am using Mojave and try to run script on terminal. #!/bin/bash read -p "amino acid: " AAA if || || || || || || || || || || ||... (2 Replies)
Discussion started by: Aurimas
2 Replies

LEARN ABOUT REDHAT

chmod

CHMOD(1)								FSF								  CHMOD(1)

NAME

       chmod - change file access permissions

SYNOPSIS

       chmod [OPTION]... MODE[,MODE]... FILE...
       chmod [OPTION]... OCTAL-MODE FILE...
       chmod [OPTION]... --reference=RFILE FILE...

DESCRIPTION

       This  manual  page  documents  the  GNU version of chmod.  chmod changes the permissions of each given file according to mode, which can be
       either a symbolic representation of changes to make, or an octal number representing the bit pattern for the new permissions.

       The format of a symbolic mode is `[ugoa...][[+-=][rwxXstugo...]...][,...]'.  Multiple symbolic operations can be given, separated  by  com-
       mas.

       A  combination of the letters `ugoa' controls which users' access to the file will be changed: the user who owns it (u), other users in the
       file's group (g), other users not in the file's group (o), or all users (a).  If none of these are given, the effect  is  as  if  `a'  were
       given, but bits that are set in the umask are not affected.

       The  operator  `+' causes the permissions selected to be added to the existing permissions of each file; `-' causes them to be removed; and
       `=' causes them to be the only permissions that the file has.

       The letters `rwxXstugo' select the new permissions for the affected users: read (r), write (w), execute (or access  for	directories)  (x),
       execute	only if the file is a directory or already has execute permission for some user (X), set user or group ID on execution (s), sticky
       (t), the permissions granted to the user who owns the file (u), the permissions granted to other users who are members of the file's  group
       (g), and the permissions granted to users that are in neither of the two preceding categories (o).

       A  numeric  mode  is  from  one	to four octal digits (0-7), derived by adding up the bits with values 4, 2, and 1.  Any omitted digits are
       assumed to be leading zeros.  The first digit selects the set user ID (4) and set group ID (2) and sticky (1) attributes.  The second digit
       selects	permissions for the user who owns the file: read (4), write (2), and execute (1); the third selects permissions for other users in
       the file's group, with the same values; and the fourth for other users not in the file's group, with the same values.

       chmod never changes the permissions of symbolic links; the chmod system call cannot change their permissions.  This is not a problem  since
       the  permissions  of  symbolic links are never used.  However, for each symbolic link listed on the command line, chmod changes the permis-
       sions of the pointed-to file.  In contrast, chmod ignores symbolic links encountered during recursive directory traversals.

STICKY FILES

       On older Unix systems, the sticky bit caused executable files to be hoarded in swap space.  This feature is not useful on  modern  VM  sys-
       tems, and the Linux kernel ignores the sticky bit on files.  Other kernels may use the sticky bit on files for system-defined purposes.	On
       some systems, only the superuser can set the sticky bit on files.

STICKY DIRECTORIES

       When the sticky bit is set on a directory, files in that directory may be unlinked or renamed only by root or  their  owner.   Without  the
       sticky  bit,  anyone  able  to write to the directory can delete or rename files.  The sticky bit is commonly found on directories, such as
       /tmp, that are world-writable.

OPTIONS

       Change the mode of each FILE to MODE.

       -c, --changes
	      like verbose but report only when a change is made

       -f, --silent, --quiet
	      suppress most error messages

       -v, --verbose
	      output a diagnostic for every file processed

       --reference=RFILE
	      use RFILE's mode instead of MODE values

       -R, --recursive
	      change files and directories recursively

       --help display this help and exit

       --version
	      output version information and exit

       Each MODE is one or more of the letters ugoa, one of the symbols +-= and one or more of the letters rwxXstugo.

AUTHOR

       Written by David MacKenzie.

REPORTING BUGS

       Report bugs to <bug-coreutils@gnu.org>.

COPYRIGHT

       Copyright (C) 2002 Free Software Foundation, Inc.
       This is free software; see the source for copying conditions.  There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICU-
       LAR PURPOSE.

SEE ALSO

       The  full  documentation  for chmod is maintained as a Texinfo manual.  If the info and chmod programs are properly installed at your site,
       the command

	      info chmod

       should give you access to the complete manual.

chmod (coreutils) 4.5.3 					   February 2003							  CHMOD(1)
All times are GMT -4. The time now is 04:00 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy