SUID, SGID and sticky bit: Linux special permissions

Time:2022-8-3

Special commands for file permission management

1: Special permissions

The basic Linux permissions covered yesterday are the 9 bits rwx rwx rwx (owner, group, others). Sometimes, however, you will notice extra permission symbols in the system, for example an s or a t where an x would normally appear in the output of ls -l.

Counting the three special bits, Linux has 12 permission bits in total:

rwx     rwx     rwx     suid       sgid       sbit
owner   group   others  owner bit  group bit  others bit

Comparison table of special permissions:

category                           suid                   sgid                   sbit (sticky bit)
character                          s                      s                      t
position                           x slot of the owner    x slot of the group    x slot of others
shown when underlying x is set     s (lowercase)          s (lowercase)          t (lowercase)
shown when underlying x is unset   S (uppercase)          S (uppercase)          T (uppercase)
numeric value                      4                      2                      1
octal form (leading digit)         4000                   2000                   1000
takes effect on                    owner identity         group identity         other users (directory entries)

An uppercase S or T means the bit is set but the underlying execute permission in that slot is missing; on a file such a bit has no effect and is usually the sign of a mistaken chmod.

2: Special permission commands

1. Basic principle of SUID:

1. SUID is shown by the character s in the x slot of the owner (user) permission triplet.

2. If the owner triplet already has x permission, setting SUID displays a lowercase s; if it has no x permission, an uppercase S is displayed and the bit is ineffective.

3. The number for SUID is 4; in octal mode notation it is the leading digit, 4000 (for example 4755).

4. SUID is set with the chmod command, either symbolically (chmod u+s file) or numerically (chmod 4755 file).

Note:

  • SUID is only meaningful on executable files.

  • Function: if a user has execute permission on a file with SUID set, then when that user runs the file, the resulting process runs with the identity (effective UID) of the file's owner; when the process exits, the borrowed identity is gone.

  • Example: when a user runs passwd, the executable /usr/bin/passwd (owned by root, SUID set) runs as root, so during execution it can modify a chain of files that the user could not otherwise write (a chain reaction). Once the passwd binary exits, the user is back to their own identity.

  • Assumption: what happens if the /usr/bin/passwd binary has no s permission?

    (When an ordinary user runs passwd, a series of related files {/etc/passwd, /etc/shadow} must be modified; these files are owned by root and are not writable by ordinary users, which is exactly why the binary carries SUID: while the ordinary user runs it, the process operates with the identity of the file's owner.)

    Remove the s execution permission from the passwd file:

    Check whether an ordinary user can still execute the binary:

    The ordinary user still has permission to run passwd, but the program can no longer modify /etc/shadow, so it fails with "passwd: Authentication token manipulation error"; ordinary users can no longer change their own passwords.

    Restore the SUID permission on the /usr/bin/passwd binary.

    As the ordinary user, run passwd again to change the password and confirm that it succeeds.

  • Taking the above as an example: how can users be prevented from changing their passwords?

    Remove the s permission from the /usr/bin/passwd file. Ordinary users can still execute passwd, but the /etc/shadow password file that the passwd command writes cannot be modified, so users cannot change their passwords. (Note that reinstalling or upgrading the package that ships passwd will normally restore the SUID bit.)

  • Use the find command to search the whole system for files with an s permission bit (SUID: -perm -4000; SGID: -perm -2000).

Parameter explanation:
-perm: match on permission bits (-perm -4000 matches files that have at least the SUID bit set, whatever the other bits are)
-type: restrict the file type (l: symbolic link; d: directory; f: regular file)
-ls: print the matches in ls -dils format (mode, owner, group, size, path)
-delete: delete the matches (do not combine this with a SUID search; remove the bit with chmod u-s instead)
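The audit the text describes, as an added example that is not code from the original post. It builds a small constructed fixture in a temporary directory instead of touching real system binaries, lists the files that carry SUID or SGID with find -perm, shows the s/S display rule from the table above with stat, and strips the bits with chmod. It assumes GNU findutils and coreutils (Linux); the function and fixture names are this example's own.

```shell
#!/bin/sh
# Added example (not from the original post): audit a tree for SUID/SGID files.
# Assumes GNU find and stat; function and fixture names are hypothetical.

# List regular files under $1 that carry the SUID (4000) or SGID (2000) bit.
# -perm -4000 means "at least these bits set"; -xdev keeps the search on one
# filesystem so a scan of / does not wander into /proc or network mounts.
find_special() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null | sort
}

# Symbolic mode string of a path, e.g. -rwsr-xr-x (what ls -l prints).
mode_of() {
    stat -c '%A' "$1"
}

# Hardening step from the text: drop both special bits, leave rwx untouched.
strip_special() {
    chmod u-s,g-s "$1"
}

# Constructed fixture so the functions can be exercised without root and
# without altering system binaries. Prints the fixture directory.
make_fixture() {
    dir=$(mktemp -d)
    for f in suid_exec suid_noexec sgid_exec plain; do
        printf '#!/bin/sh\necho hi\n' > "$dir/$f"
    done
    chmod 4755 "$dir/suid_exec"    # owner x set   -> shows rws (effective)
    chmod 4644 "$dir/suid_noexec"  # owner x unset -> shows rwS (set but useless)
    chmod 2755 "$dir/sgid_exec"    # group x set   -> shows r-s in the group triplet
    chmod 0755 "$dir/plain"        # no special bits, must not be reported
    printf '%s\n' "$dir"
}

# Stand-alone demo: report each fixture file's mode, then the audit result.
demo() {
    d=$(make_fixture)
    for f in suid_exec suid_noexec sgid_exec plain; do
        printf '%s  %s\n' "$(mode_of "$d/$f")" "$f"
    done
    printf 'special-bit files found:\n'
    find_special "$d"
    rm -rf "$d"
}

demo
```

Running find_special / as root gives the system-wide list (with -xdev it stays on the root filesystem); compare it with the set your distribution ships before removing anything, and expect mode_of /usr/bin/passwd to show -rwsr-xr-x on a normal system.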

Summary:
When a file with SUID permission is executed, it runs as the file's owner, so an ordinary user who executes it temporarily holds the permissions of the owner; if the owner is root, the executor has root's permissions for as long as the file runs!!

1. SUID is set on binary executables. Linux ignores the bit on interpreted scripts (#!), and a SUID shell script would be trivially exploitable anyway (very dangerous!!)
2. The SUID bit occupies the x slot of the owner triplet. When the bit is set and an uppercase S is shown, the slot itself has no x permission; a lowercase s means the file already has x permission there.
3. The function of SUID is to let the executor run the file with all the permissions of the file's owner.
4. SUID is dangerous for the system. Normally sudo is used to perform the corresponding operations instead of SUID. When hardening a Linux system, audit the SUID binaries and remove the bit from the ones that are not needed (but not from programs that rely on it, such as passwd or sudo itself).

2. SGID permission bit

  • For binary executables, SGID works and is used in roughly the same way as SUID; the difference is that SUID grants the identity of the file's owner, while SGID grants the identity of the file's group (effective GID).

  • SUID is mainly used on binaries; SGID is mainly used on directories: when a directory has SGID set, the files created inside it receive the group of the directory rather than the primary group of the user who created them.

  • SGID behaves differently on files and on directories:

    File:

    • SGID only takes effect on binary executables, and the group triplet of the file must have x permission
    • When a binary with SGID is executed, the process obtains the identity and permissions of the command's group during execution (analogous to executing a SUID file)

    Directory:

    • When a directory has SGID set, every file or directory created under it keeps the same group as the parent directory (new subdirectories also inherit the SGID bit itself, so the rule carries down the tree)
  • Practical operation:

    1. Create a shared directory /home/admins

    2. The group of the directory must be adminuser, and members of the adminuser group must have read, write and execute permission on it

    3. Other users have no permission at all (root excepted)

    4. Files created inside /home/admins automatically receive the adminuser group.

    (How to keep the same group as the parent directory when creating a file or directory: set SGID on the directory, i.e. chmod 2770 /home/admins after chgrp adminuser /home/admins.)

    As an ordinary user who is a member of adminuser, create files or directories inside the directory and check their group.

    Restore the other-user permissions on the directory, then create files and directories again and confirm that the adminuser group is still inherited.

3. Sticky bit (sbit)

The sticky bit occupies the x slot of the others (o) triplet and is shown as t (or T when others have no x permission); the classic example is /tmp with mode 1777.

Special points of the sticky bit:

When a directory has the sticky bit, apart from root (and the owner of the directory), each user can only delete or rename the files and directories they created themselves; other users' files and directories are not affected.

If a directory has no sticky bit and its rwx permissions are wide open (for example 777), then any user with write and execute permission on the directory can delete or rename any file in it, regardless of the permissions on the file itself!!
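The shared-directory procedure from the SGID practical above, combined with the sticky bit from this section, as an added example that is not part of the original post. It assumes GNU coreutils; creating the group (groupadd adminuser) is left to root, and the function names are this example's own. Mode 3770 sets SGID and the sticky bit together with rwx for owner and group and nothing for others, which is why stat shows an uppercase T in the others slot.

```shell
#!/bin/sh
# Added example (not from the original post): a group-shared directory with
# SGID (group inheritance) plus the sticky bit (no deleting each other's files).
# Assumes GNU coreutils; the group must already exist (root: groupadd adminuser).
# Function names are hypothetical.

# setup_shared_dir DIR GROUP
#   3770 = sticky(1) + setgid(2) + rwx for owner and group, nothing for others.
#   The group is set before the mode so that SGID has the right group to pass on.
setup_shared_dir() {
    mkdir -p "$1"
    chgrp "$2" "$1"
    chmod 3770 "$1"
}

# Symbolic mode of DIR; for 3770 this is drwxrws--T. The T is uppercase because
# "others" have no x, which is harmless here since they cannot enter the
# directory at all.
dir_mode() {
    stat -c '%A' "$1"
}

# Numeric GID of DIR (numeric so the check does not depend on name resolution).
dir_gid() {
    stat -c '%g' "$1"
}

# Create a probe file inside DIR and report the GID it received. With SGID on
# the directory this equals dir_gid, not the creator's primary group.
gid_of_new_file() {
    f=$(mktemp "$1/probe.XXXXXX")
    stat -c '%g' "$f"
    rm -f "$f"
}

# Stand-alone demo under a temporary base so it runs without root, using the
# caller's own primary GID as the "adminuser" stand-in. For the real layout,
# run as root: setup_shared_dir /home/admins adminuser
demo() {
    base=$(mktemp -d)
    setup_shared_dir "$base/admins" "$(id -g)"
    printf 'mode: %s  dir gid: %s  new file gid: %s\n' \
        "$(dir_mode "$base/admins")" "$(dir_gid "$base/admins")" \
        "$(gid_of_new_file "$base/admins")"
    rm -rf "$base"
}

demo
```

The sticky-bit protection itself can only be observed with two accounts: as a second member of the group, rm on a file created by the first fails with "Operation not permitted" even though the directory is group-writable. Note also that members only get write access to each other's new files if their umask allows group write (umask 002 rather than 022); SGID fixes the group, not the mode, of new files.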

Extras

1. View all variables of the current shell (shell variables together with the exported environment)

set command

2. View only the exported environment variables

env command

3. Command prompt variable

PS1

4. What if a user's home directory is damaged?

  • Copy the contents of /etc/skel into the user's home directory (cp -r /etc/skel/. /home/username); if the copy is done as root, fix the ownership afterwards with chown

-r: recursive copy