Thursday, November 25, 2010

Setuid setgid sticky

SETUID:

Features: ability to execute file as owner

chmod 4760 regextest.pl - this will ensure that the Perl script always executes as the user 'linuxcbt'

-rwsrw---- 1 linuxcbt sales 787 Jan 13 16:08 regextest.pl

's' in the owner's execute position means that the program will execute as that user

SETGID:

Features: Ability to enforce permissions to a directory structure

mkdir /sales

chmod 2775 /sales

Create a file in the '/sales' directory as 'linuxcbt'

seq 1000000 > linuxcbt.1million.txt

chgrp:

Permits updating of group permissions

Sticky Bit:

Features: Ability to ensure that users cannot delete others' files in a directory

drwxrwxrwt 23 root root 4096 Jan 13 15:05 /tmp/

/tmp - users cannot delete other users' files in '/tmp'

chmod 3777 /sales - ensures that files in /sales cannot be deleted by users who do not own them

Task:

1. Set '/sales' using sticky bit and test

a. chmod 3777 /sales && ls -ld /sales OR chmod 777 /sales && chmod +t /sales


6.2. Textual representation

SUID: If set, replaces "x" in the owner permissions with "s" if the owner has execute permission, or with "S" otherwise. Examples:

-rws------ both owner execute and SUID are set

-r-S------ SUID is set, but owner execute is not set

SGID: If set, replaces "x" in the group permissions with "s" if the group has execute permission, or with "S" otherwise. Examples:

-rwxrws--- both group execute and SGID are set

-rwxr-S--- SGID is set, but group execute is not set

Sticky: If set, replaces "x" in the others permissions with "t" if others have execute permission, or with "T" otherwise. Examples:

-rwxrwxrwt both others execute and sticky bit are set

-rwxrwxr-T sticky bit is set, but others execute is not set
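
An added example, not from the original post: a shell function that audits a directory tree for the three bits described above and prints each hit with its symbolic mode, so the s/S and t/T forms can be read off real files. It assumes GNU find and stat (Linux); the function name `audit_special_bits` and the labels in the first column are made up for this example.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes GNU find and stat.
# Output: one line per finding, "<KIND> <symbolic mode as in ls -l> <path>".
# audit_special_bits and the KIND labels are hypothetical names.
audit_special_bits() {
    root=$1

    # Files that execute as their owner (setuid, octal 4000).
    find "$root" -xdev -type f -perm -4000 \
        -exec stat -c 'SUID %A %n' {} +

    # Files that execute with their group's identity (setgid, octal 2000).
    find "$root" -xdev -type f -perm -2000 \
        -exec stat -c 'SGID %A %n' {} +

    # Directories with setgid: new files inherit the directory's group.
    find "$root" -xdev -type d -perm -2000 \
        -exec stat -c 'SGID-DIR %A %n' {} +

    # World-writable directories without the sticky bit (octal 1000):
    # any user can delete or rename other users' files in them.
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 \
        -exec stat -c 'NOSTICKY %A %n' {} +
}

# Run against a path when one is given, e.g.: sh audit.sh /sales
if [ "$#" -gt 0 ]; then
    audit_special_bits "$1"
fi
```

A directory set with chmod 3777, as in the task above, shows up as SGID-DIR with mode drwxrwsrwt and is not listed under NOSTICKY.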
