• Granting Temporary Root Permissions with SUID
  • L in u X ba sics for h acke rs g e t t I n g s t a r t e d w I t h




    Download 7,3 Mb.
    Pdf ko'rish
    bet66/115
    Sana27.11.2023
    Hajmi7,3 Mb.
    #106243
    1   ...   62   63   64   65   66   67   68   69   ...   115
    Bog'liq
    linuxbasicsforhackers

    Special Permissions
    In addition to the three general-purpose permissions
    rwx
    , Linux has three 
    special permissions that are slightly more complicated. These special per-
    missions are set user ID (or 
    SUID
    ), set group ID (or 
    SGID
    ), and sticky bit. I’ll 
    discuss each in turn in the next three sections.
    Granting Temporary Root Permissions with SUID
    As you should know by now, a user can execute a file only if they have per-
    mission to execute that particular file. If the user only has read and/or 
    write permissions, they cannot execute. This may seem straightforward, 
    but there are exceptions to this rule.
    You may have encountered a case in which a file requires the permis-
    sions of the root user during execution for all users, even those who are not 
    root. For example, a file that allows users to change their password would 
    need access to the /etc/shadow file—the file that holds the users’ passwords 
    in Linux—which requires root user privileges in order to execute. In such a 
    case, you can temporarily grant the owner’s privileges to execute the file by 
    setting the 
    SUID
    bit on the program.
    Basically, the 
    SUID
    bit says that any user can execute the file with the per-
    missions of the owner but those permissions don’t extend beyond the use of 
    that file.


    58
    Chapter 5
    To set the 
    SUID
    bit, enter a 
    4
    before the regular permissions, so a file 
    with a new resulting permission of 
    644
    is represented as 
    4644
    when the 
    SUID
    bit is set.
    Setting the 
    SUID
    on a file is not something a typical user would do, but if 
    you want to do so, you’ll use the 
    chmod
    command, as in 
    chmod 4644 filename
    .

    Download 7,3 Mb.
    1   ...   62   63   64   65   66   67   68   69   ...   115




    Download 7,3 Mb.
    Pdf ko'rish

    Bosh sahifa
    Aloqalar

        Bosh sahifa



    L in u X ba sics for h acke rs g e t t I n g s t a r t e d w I t h

    Download 7,3 Mb.
    Pdf ko'rish