Home PC Games Linux Windows Database Network Programming Server Mobile  
  Home \ Linux \ Linux file permissions bit forced bits and adventure Comments     - 10 really interesting Linux command (Linux)

- CentOS 6.3 compile and install LNMP environment (Server)

- The principle Httpclient4.4 (execution request) (Programming)

- Acquaintance C ++: the most simple C ++ program (Programming)

- Big Data Common Glossary (Linux)

- How to monitor Nginx (Database)

- JavaScript function definition mode (Programming)

- MongoDB 2.6 deployment replica set + partitions (Database)

- To install Emacs under CentOS 6.5 (Linux)

- Create and modify Oracle temporary table space (Database)

- To install Xen in Ubuntu 12.04 (Linux)

- Oracle background processes daemons (Database)

- Linux Command Study Notes (Linux)

- Analysis of C ++ exception mechanism (Programming)

- Ubuntu PPA install SMPlayer 14.9 (Linux)

- To share Linux script automatically change passwords (Linux)

- Steps to build MPICH2 development environment on CentOS 6.4 (Linux)

- findmnt- Looking mounted file system (Linux)

- Use Observium to monitor your network and servers (Server)

- Define and modify strings principle in Python (Programming)

  Linux file permissions bit forced bits and adventure Comments
  Add Date : 2017-08-31      
  Linux, in addition to file permissions to read, write, execute, there are special privileges and adventure bit forced bits

Linux permissions of files in the following (in Linux is a file directory):

Force / Adventure | User | Group | Other
  sst rwx rwx rwx

Here to explain the force bit and bit adventure
Forced bit: setuid and setgid, mainly used for file and directory
Adventure bit: sticky, only the directory, most of the shared directory

setuid (using a u s in place of the x) can only be set on the file
Role of file:
    By default, the user executes a command, it will be the identity of the user to run the process. Are based on the user's permission to perform when the owner of the latter document set SUID, all users execute the file. That allows users to perform on this file does not have permission to execute this file.

setgid (using a g s in place of the x) only on the Directory Settings
Role of directory:
    By default, user-created file folder belonging to the group the user is currently located, but after setting SGID, expressed in this directory, files created anyone, will belong to the group directory belongs to, but users still belongs to the user creates.

(Using a t o x-position) sticky can only be set on a directory
Role of directory:
    By default, if a directory has permissions on w and x o, then anyone can create and delete files in this directory. Once the adventure bit on a directory, then in this directory, only the file owner, the directory owner and the system administrator can delete files. Other users can not.

NOTE: The above settings directly in the document is not useful bit of adventure, adventure bit to create the directory above

Forced bits and adventure-bit expression:
    Forcing Bit Bit and adventure add execute permissions on the position, forcing the use of S and s bits to represent the adventure using T and t bits to represent. If the location Uehara has execute permission, then forced bits and adventure-bit representation of the lowercase letters. Otherwise, in uppercase letters. which is:
S: This bit indicates no x bits s: indicates that the bit x bit

T: This bit indicates no x bits t: x indicates that the bit position

Ps: If forced bits S to uppercase, then the corresponding execute permission bit has not been set, it is a useless suid settings can ignore its existence.

Setting force bit and bit adventure
1: The +, - to set the force bit and bit adventure
set uid: # chmod u + s filename
              # Chmod u-s filename of the file unforced bit
set gid: # chmod g + s filename
sticky: # chmod o + t dir

2: Force bit and bit adventurous, performed on three digital literacy to be specified by the digital setting
4 (set uid) 2 (set gid) 1 (sticky)

# Chmod 4 --- set the setuid files
# Chmod 2 --- set the setgid directory
# Chmod 1 --- sticky directory settings
# Chmod 6 --- directory / file settings GUID, UID

Note: chmod command does not make the necessary integrity checks can give any privileges to certain useless files, but does not have permission to set the combination to do inspections. Therefore, a file has execute permission does not necessarily program or script.

SUID example:
    By default, all users can use the ping command, but the file viewer will find where the ping command, users and groups this document belongs to belong to root, and normally only the root user can execute the command, but in fact will find all users can use this command. Because the location where the file permissions ping command has a s x
# Ping -c 4 www.linuxidc.com
If you remove the suid will find that other users can not use a change command
# Chmod u-s / bin / ping
# Su - linuxidc
$ Ping -c 4 www.linuxidc.com
ping: icmp open socket: Operation not permitted

The above example, the mandatory bit instruction files, allowing users to perform the instruction to the identity of the owner or owning group instruction files running processes. Also it shows that if a command is not s ordinary users can not use the privilege

SGID example:
A team to develop a project, all the project files are stored in a directory, this directory is set SGID, allows all users of the new files are in the same group. Then set permissions on the directory, so that everyone can see the file to other users created.

STICKY example:
    As a team to develop a project to set up a directory on a sticky bit, all team members can create files in this directory, but only delete files that you created (except the root), which under directory user to open the file protection.

Find suid files
# Ls -l | grep '^ ... s'

Find suid and guid document
# Ls -l | grep '^ ... s..s'
- Ubuntu 14.04 Boot Repair (Linux)
- PostgreSQL 9.3.2 Json type of use (Database)
- Linux system boot process detail (Linux)
- iptables allow only specific ip address to access the specified port (Linux)
- How to generate Linux, random password encryption or decryption (Linux)
- CentOS 7 install Hadoop-cdh-2.5 on Mesos (Server)
- Linux install Samba file sharing server (Server)
- Source code is installed MySQL 5.6.28 (Database)
- Linux account management add relevant directives (Linux)
- Cacti monitoring service Nginx (Linux)
- Erase do with HTML5 Canvas and diffusion effect (Programming)
- How to Install Sticky Notes on Ubuntu and Derivatives (Linux)
- Experts teach you safety precautions Linux Sniffer (Linux)
- Android shutdown (reboot) process (Programming)
- Those things packaged using Gradle to Android (Programming)
- Windows environment Android Studio v1.0 Installation Guide (Linux)
- Oracle Listener can not start (TNS-12555, TNS-12560, TNS-00525) (Database)
- PostgreSQL use pgpool achieve high availability (Database)
- iOS in Singleton (Programming)
- Linux System Getting Started Learning: Repair fatal error openssl aes h no such file or directory (Linux)
  CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.