Linux permissions support an extra position for special bits. These special bits provide privilege escalation to the user owner or group owner for executable files. This allows normal users to elevate privileges without configuring complex services. Note, that these users are not prompted for any password. As such files with SUID and SGID bits set can be dangerous. We can locate these files using the find command.
- [Instructor] SUID and SGID…are special bits for privilege escalation…on executical files.…The SUID bit allows non-user owners…to execute commands with the privileges of the user owner.…In a terminal, let's do a long list…on slash USR slash bin slash SU,…by typing in…ls -l…/usr/bin/su, and hit Enter.…The first thing you may notice…is that the file's bright red.…
This tells us something special is happening here.…Let's take a look at the permissions.…The permissions for the user owner…are rws.…Note that we can no longer see…the user owner's execute position.…The s in the user owner's execute position…means we have the SUID bit set.…If the s is lowercase, then the execute is also set.…If the S is uppercase, then the execute permissions…are not set.…The case of the S is the only way to tell…if execute permissions are set or not.…
When the SUID bit is set,…and regularly users such as Bob executes it,…their privileges get elevated…to that of the user owners.…In our example, Bob would be executing…the SU command as route.…
Author
Released
4/10/2017- Define file Access Control Lists.
- Describe what extended globs add to Linux pattern matching.
- State why file system recovery tools are so important for Linux users.
- Recall what execute permissions on a directory allows.
- Cite the maximum allowed default permissions on a file in Linux.
- List some of the advantages of ACLs over standard Unix permissions.
Skill Level Intermediate
Duration
Views
Related Courses
-
Linux: Desktops and Remote Access
with Grant McWilliams1h 44m Intermediate
-
Introduction
-
Welcome53s
-
-
1. Linux Files
-
What is a file?2m 10s
-
Get file attributes3m 41s
-
Get extended attributes4m 13s
-
Pattern matching using globs4m 51s
-
-
2. Manipulate Files
-
Create files and dirs5m 18s
-
Copy files and dirs5m 48s
-
Remove files and dirs6m 2s
-
-
3. Standard Unix Permissions
-
File and directory modes1m 19s
-
File ownership4m 34s
-
4. ACLs
-
ACL overview3m 4s
-
Read ACLs3m 36s
-
Set ACLs5m 49s
-
Manage default ACLs4m 27s
-
Delete ACLs4m 15s
-
ACL tricks5m 13s
-
-
Conclusion
-
Next steps47s
-
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.
CancelTake notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Special file bits: SUID and SGID