Linux File and Directory Special Permissions

In Linux, there are three special permissions that can be applied to files and directories: setuid, setgid, and the sticky bit.

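Setting special permissions with octal values

Special permissions can be set using octal values, as an extra digit placed in front of the usual three permission digits: 4 for setuid, 2 for setgid, and 1 for the sticky bit.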

To check the permissions of a file or directory, you can use the ls -l command:

# ls -l file_name

This will display the permissions in the format -rwsr-xr-x, where the s indicates the setuid permission.

For directories, the output will look like drwxr-sr-x, where the s indicates the setgid permission.

For the sticky bit, the output will look like drwxrwxrwt, where the t indicates the sticky bit.

1. Setuid (Set User ID)

The setuid permission allows a file to be executed with the privileges of the file owner, rather than the user who runs it.

Example:

# chmod u+s file_name
# ls -l file_name
-rwsr-xr-x 1 root root 12345 Jan 1 12:34 file_name

Here, the s in the owner's execute field indicates the setuid permission.

To set the setuid permission with an octal value, you can use the chmod command. For example:

# chmod 4755 file_name

This sets the setuid permission on the file, along with read, write, and execute permissions for the owner and read and execute permissions for the group and others.

2. Setgid (Set Group ID)

The setgid permission allows files to be executed with the privileges of the group owner. For directories, it ensures that files created within the directory inherit the group ownership of the directory.

Example:

# chmod g+s directory_name
# ls -ld directory_name
drwxr-sr-x 2 user group 4096 Jan 1 12:34 directory_name

Here, the s in the group execute field indicates the setgid permission.

To set the setgid permission, you can use:

# chmod 2755 directory_name

This sets the setgid permission on the directory, along with read, write, and execute permissions for the owner and read and execute permissions for the group and others.

3. Sticky Bit

The sticky bit is used on directories to restrict file deletion. Only the file owner, directory owner, or root can delete files within the directory.

Example:

# chmod +t directory_name
# ls -ld directory_name
drwxrwxrwt 2 user group 4096 Jan 1 12:34 directory_name

Here, the t at the end indicates the sticky bit.

To set the sticky bit, you can use:

# chmod 1777 directory_name

This sets the sticky bit on the directory, along with read, write, and execute permissions for the owner, group, and others.

Remove Permission

To remove the special permissions, you can use the chmod command with the appropriate octal value:

# chmod 755 file_name

This removes the setuid permission from the file, leaving read, write, and execute permissions for the owner and read and execute permissions for the group and others.

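To remove the setgid permission from a directory, use the symbolic form:

# chmod g-s directory_name

This removes the setgid permission from the directory and leaves the other permission bits unchanged. GNU chmod keeps a directory's setuid and setgid bits when it is given a plain numeric mode such as 755, so the octal form used for files does not clear them here.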

To remove the sticky bit, you can use:

# chmod 777 directory_name

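This removes the sticky bit from the directory, setting it to read, write, and execute permissions for the owner, group, and others. Without the sticky bit, any user who can write to the directory can delete or rename files owned by other users.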

To confirm the change, check the permissions again with the ls -l command (ls -ld for a directory itself):

# ls -l file_name
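
As an added example (not part of the original page), the shell functions below audit a directory tree for the bits covered above: setuid and setgid files, setgid directories, and world-writable directories that lack the sticky bit. The tag names, the function names and the demo tree are assumptions made for this sketch.

```shell
#!/bin/sh
# audit_special_perms DIR
# Prints one "<TAG> <path>" line per finding under DIR.
# The tags are names chosen for this example, not a standard format.
audit_special_perms() {
    root=$1
    # setuid regular files: execute with the file owner's privileges
    find "$root" -xdev -type f -perm -4000 -exec printf 'SETUID %s\n' {} +
    # setgid regular files: execute with the group owner's privileges
    find "$root" -xdev -type f -perm -2000 -exec printf 'SETGID %s\n' {} +
    # setgid directories: new files inherit the directory's group
    find "$root" -xdev -type d -perm -2000 -exec printf 'SETGID_DIR %s\n' {} +
    # world-writable directories without the sticky bit: any user can
    # delete or rename other users' files there
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 \
        -exec printf 'NOSTICKY %s\n' {} +
}

# Builds a constructed sample tree (hypothetical names) with the page's
# modes and prints its path, so the audit can be tried without root.
make_demo_tree() {
    demo=$(mktemp -d) || return 1
    touch "$demo/prog" && chmod 4755 "$demo/prog"   # setuid file
    mkdir "$demo/drop" "$demo/open"
    chmod 1777 "$demo/drop"                         # sticky, world-writable
    chmod 777 "$demo/open"                          # world-writable, no sticky
    printf '%s\n' "$demo"
}
```

Running audit_special_perms on the path printed by make_demo_tree reports prog as SETUID and open as NOSTICKY, while drop is not reported because its sticky bit is set.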

Summary

Special permissions in Linux provide additional control over file and directory behavior. Use them carefully to enhance security and functionality.