Special Permissions In addition to the three general-purpose permissions,
rwx
, Linux has three
special permissions that are slightly more complicated. These special per-
missions are set user ID (or
SUID
), set group ID (or
SGID
), and sticky bit. I’ll
discuss each in turn in the next three sections.
Granting Temporary Root Permissions with SUID As you should know by now, a user can execute a file only if they have per-
mission to execute that particular file. If the user only has read and/or
write permissions, they cannot execute. This may seem straightforward,
but there are exceptions to this rule.
You may have encountered a case in which a file requires the permis-
sions of the root user during execution for all users, even those who are not
root. For example, a file that allows users to change their password would
need access to the /etc/shadow file—the file that holds the users’ passwords
in Linux—which requires root user privileges in order to execute. In such a
case, you can temporarily grant the owner’s privileges to execute the file by
setting the
SUID
bit on the program.
Basically, the
SUID
bit says that any user can execute the file with the per-
missions of the owner but those permissions don’t extend beyond the use of
that file.
58 Chapter 5
To set the
SUID
bit, enter a
4
before the regular permissions, so a file
with a new resulting permission of
644
is represented as
4644
when the
SUID
bit is set.
Setting the
SUID
on a file is not something a typical user would do, but if
you want to do so, you’ll use the
chmod
command, as in
chmod 4644
filename .
