Linux 101: What’s the SUID permission?


On this Linux 101, Jack Wallen explains the SUID permission bit.

istock-1167770131.jpg

Picture: iStockphoto/Elena Kalashnik

Should you’re new to Linux administration, you have in all probability already began studying about file permissions. If I mentioned “drwxrwxr-x,” you’d know what that meant. It is easy: A listing with proprietor and group learn, write, execute permissions, however solely learn and execute permissions for everybody else. 

That is not the be-all, finish all for permissions. There are literally three extra permissions, one in all which I’ll educate you about proper now. Mentioned permission is named SUID, which stands for Set proprietor Person ID. It is a particular permission that applies to scripts or purposes. If the SUID bit is ready, when the command is run, it is efficient UID turns into that of the proprietor of the file, as a substitute of the consumer working it. 

SEE: Kubernetes security guide (free PDF) (TechRepublic)

That is used to supply short-term elevated permissions throughout execution. For instance, if the file being executed was owned by root and has the SUID bit set, irrespective of who’s working the script or utility, the permissions would at all times (quickly) equal these of root. 

One very easy-to-understand instance of that is when a consumer desires to alter their password they usually difficulty the sudo passwd

command. If the SUID bit wasn’t set on passwd, the command could be run with out elevated privileges, and would not be capable to write to the required recordsdata to alter the password–hence the SUID bit. 

Should you create a script (owned by the basis consumer) that wants the SUID bit set, you’d accomplish that like: 

sudo chmod u+s filename 

The place filename is the identify of the script or utility. As soon as the SUID bit is ready, anytime that utility is executed, will probably be executed with quickly elevated privileges. 

And that is the gist of the SUID permission bit. It sounds extra sophisticated than it truly is. Though you won’t use it every single day, you will be glad you recognize it, if you run right into a state of affairs the place it is clearly crucial.

Subscribe to TechRepublic’s How To Make Tech Work on YouTube for all the newest tech recommendation for enterprise execs from Jack Wallen.

Additionally see

Leave a Reply

Your email address will not be published. Required fields are marked *