Linux Special Permissions 🐧
In Linux, we have special permissions beyond the standard read, write, and execute permissions. These special permissions can be used to grant users access to perform actions that require root privileges, without giving them full root access.
🤔 Use Case: Password Change
For example, let's consider the case of changing your password. The passwd command needs to modify the /etc/shadow file, which is owned by the root user. Normally, you would need to use sudo to make changes to this file. However, with a special permission called setuid, the passwd command runs with the permissions of the root user, allowing a regular user to change their password without having full root access.
📜 Special Permission Bits
Linux has three main special permission bits:
setuid (SUID): Allows a file to be executed with the permissions of the file's owner, rather than the user executing the file.
setgid (SGID): Allows a file to be executed with the permissions of the file's group, rather than the user's primary group.
sticky bit (t): Prevents users from deleting or renaming files they don't own in a directory, even if they have write permission.
You can set these special permissions using either symbolic (e.g., chmod u+s file) or numeric (e.g., chmod 4755 file) formats.
📁 Example: /tmp Directory
The /tmp directory is a good example of the sticky bit in action. The /tmp directory is writable by all users, but only the root user or the owner of a file can delete it. This is achieved by setting the sticky bit on the /tmp directory.
The t at the end of the permissions indicates the sticky bit is set.
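An added example (not part of the original page): a small shell audit for the bits described above, reporting SUID/SGID files and world-writable directories that lack the sticky bit. The function names and the sandbox layout are constructed for illustration.

```shell
#!/bin/sh
# Added example: inspect and audit the special permission bits.

# special_bits PATH: print which special bits are set, or "none".
special_bits() {
    bits=""
    if [ -u "$1" ]; then bits="$bits suid"; fi
    if [ -g "$1" ]; then bits="$bits sgid"; fi
    if [ -k "$1" ]; then bits="$bits sticky"; fi
    bits=${bits# }
    echo "${bits:-none}"
}

# audit_tree DIR: report the two conditions worth reviewing.
#   SETID    regular file with SUID or SGID set (runs as its owner/group)
#   NOSTICKY world-writable directory without the sticky bit
audit_tree() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print | sed 's/^/SETID /'
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print | sed 's/^/NOSTICKY /'
}

# make_demo: build a constructed sandbox and print its path.
make_demo() {
    d=$(mktemp -d)
    touch "$d/helper" "$d/plain"
    chmod 4755 "$d/helper"   # numeric form: SUID + rwxr-xr-x
    chmod 755 "$d/plain"     # no special bits
    mkdir "$d/shared" "$d/open"
    chmod 1777 "$d/shared"   # same mode as /tmp: world-writable + sticky
    chmod 0777 "$d/open"     # world-writable, sticky bit missing
    echo "$d"
}

# Demo run over the constructed sandbox.
demo=$(make_demo)
for p in helper plain shared open; do
    printf '%-8s %s\n' "$p" "$(special_bits "$demo/$p")"
done
audit_tree "$demo"
rm -rf "$demo"
```

To review a real system, call audit_tree on a directory such as /usr or /var and compare the SETID list against what the installed packages are expected to ship.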
🔑 Importance of Permissions
Understanding user access, group access, passwords, and permissions is crucial for building a strong foundation in computer security. These concepts are essential for managing user access, securing systems, and preventing unauthorized actions.