Open In App

Advance File Permissions in Linux

Last Updated : 03 Jul, 2020
Summarize
Comments
Improve
Suggest changes
Like Article
Like
Save
Share
Report
News Follow

The Linux file permissions are not limited to “rwx” bits, there are 3 special permissions apart from these “rwx” permissions which are SUID,SGID,The Sticky Bit. This article is about the 3 special file permissions and how to set and remove those permission bits.

Set-user-ID (SUID)

In Linux by default when a user executes a file, The file gets executed with the privileges of the user who executes it. If we set SUID(set-user-ID) bit on the executable this behavior can be changed, then the file will always run with privileges of the owner of the file, no matter who runs the executable.
Note: Only owner of the file or root can set the SUID bit

1. You can set SUID bit by passing u + s to the chmod command:

setting-SUID

2. Alternatively, you can use octal notional by prefixing “4” to the octal string. (like 4724 instead of 724).

setting-SUID using octal notional

As you notice “s” letter instead of usual “x” to execute permission for the owner. This letter “s” indicates that SUID(set-user-ID) bit has been set for the file or directory in question.

3. You can remove SUID bit by passing u – s to the chmod command:

SUID-remove

Set-group-ID (SGID)

Set-group-ID bit on a file: Set-group-ID (SGID) is similar to SUID except that, an executable with SGID bit set runs with the privileges of the group which owns of the file

1. You can set SGID bit by passing g + s to the chmod command:

set-SGID-bit

2. Alternatively, you can use octal notional by prefixing “2” to the octal string. (like 2755 instead of 755).

SGID-octal-notation

As you notice “s” letter instead of usual “x” in execute permission for the group. This letter “s” indicates that SGID(set-group-ID) bit has been set for the file or directory in question.

3. You can remove SGID bit by passing g – s to the chmod command:

SGID-bit-set

Set-group-ID bit on a directory: When set-group-ID (SGID) bit is set directory, all newly created subdirectories/files under the directory will inherit the same group ownership as of the directory itself. If the SGID bit is not set then all newly created files will have a group as the user’s default group.

Set-group-ID is very useful in multi-user setup where users with different primary group have access each others files as shown in this article.

Here is an example to better understand this.

1.Let’s create a directory parent which is owned by user: root and group: root.

SGID-create-user-owned-directory

2.Now if we create a sub-directory under parent from the different user then that directory will have group-owner default to the user’s primary group.

SGID-group-owner-default-primary-group

3.Now if we set SGID bit for parent and again create new sub-directory under parent then this time it will have group default to parent’s group. This is because the parent had the SGID bit set, and the newly created subdirectories/files under it will inherit the parent‘s group.

seti-SGID-for-parent-bit

The Sticky Bit

If the sticky bit on a directory is set, subdirectories/Files under that directory can only be deleted by either owner of the file, owner of the directory, or the root user. This special permission is useful to prevent users from deleting other user’s file inside a shared folder where everyone has read, write, and execute access.

Let see an example.

1.Let start by creating a shared folder where everyone has read, write, and execute permission.

create-shared-folder

2.Inside this shared folder, it is possible to remove directory/files of other users.

remove-directory-files-of-other-users

3.Now let’s set the sticky bit on the sharedFolder.

set-sticky-bit

As you notice “t” letter instead of usual “x” in execute permission for the others. This letter “t” indicates that a sticky bit has been set for the file or directory in question. Now because the sticky bit is set on the sharedFolder, files/directory could only be deleted by the owners or root user.

file-only-delete-by-users-or-root



Similar Reads

How to Set File Permissions in Linux?
Setting file permissions in Linux is a fundamental task for managing access to files and directories. Proper file permissions ensure that only authorized users can read, write, or execute files, enhancing the security and functionality of your system. In this guide, we will explain how to set file permissions in Linux using various commands and tec
8 min read
SetUID, SetGID, and Sticky Bits in Linux File Permissions
As explained in the article Permissions in Linux, Linux uses a combination of bits to store the permissions of a file. We can change the permissions using the chmod command, which essentially changes the 'r', 'w' and 'x' characters associated with the file. Further, the ownership of files also depends on the uid (user ID) and the gid (group ID) of
6 min read
Finding Files With SUID and SGID Permissions in Linux
SUID(Set-user Identification) and SGID(Set-group identification) are two special permissions that can be set on executable files, and These permissions allow the file being executed to be executed with the privileges of the owner or the group. SUID: It is special file permission for executable files. This enables other users to run the file with th
3 min read
Bash Script - File Permissions
In this article, we will discuss file permission in Bash Script To understand the scenario let's take an example. Let's consider there is a system admin A for company XYZ he designs a script that is to be executed by a user at 8:00 PM daily to send a report. He designs the script but forgets to give permission to the user to execute the script. Whe
5 min read
ATSCAN – Advance Web Application Scanner in Kali Linux
ATSCAN stands for Advance Web Application Scanner. ATSCAN is a free and open-source tool available on GitHub. ATSCAN is a vulnerability scanner tool. This tool is used for vulnerability scanning of websites and webapps. This tool also works as web exploitation tool. ATSCAN is written in Perl language. You must have packages of Perl language in your
5 min read
Trackip - Advance IP tracker tool in Kali Linux
Trackip is a free and open source available on GitHub. This tool can retrieve IP or Domain Geolocation, This tool can retrieve your own Geolocation, this tool selects random proxy in a new line and the IP geolocation maps that IP using Google Map. Track IP tool is used to find information about IP address in your kali Linux operating system. This t
2 min read
PortSpider - Advance Network Port scanner on Kali Linux
PortSpider is a free and open-source tool available on GitHub. PortSpider is an Open Source Intelligence and network scanning Tool based on (OSINT). This tool can scan huge network ranges to find open and closed ports and all the vulnerable services running on the server or on the system, not only scans a single target system but can target a big n
2 min read
VAF - Fast and Advance Fuzzer Tool in Kali Linux
In this article, we are going to see the VAF tools, which is used to automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program and detect the bug. URL Fuzzing is the art of finding hidden files and directories on the target domain server. These files and directories can have sen
3 min read
Create More Advance GUI Applications Using PyGobject Tool in Linux
PyGObject is a valuable tool for creating advanced GUI applications in Linux. It allows developers to create visually appealing and user-friendly interfaces while leveraging the power of the GObject system to manage memory and other resources efficiently. What is GUI in Linux? A graphical user interface (GUI) program is one that is created with gra
4 min read
Shell Script to List Files that have Read, Write and Execute Permissions
In this article, We will learn how to list all files in the current directory that have Red, Write and Execute permission. Suppose, we have the following files in our current directory : Here, We have a total of 8 files in our current directory. Out of 8, we have Read, Write and Execute permission on 6 files and 2 have only Read and Write permissio
3 min read
How to Fix - Cp: Cannot Create Regular File 'File': File Exists
In Linux, while performing copying operations using the cp command, the error "Cp: Cannot Create Regular File 'File': File Exists" may occur when attempting to copy a file to a destination where a file with the same name already exists. This error is a safeguard to prevent accidental overwriting of files and potential data loss. To resolve this iss
3 min read
Difference Between Arch Linux and Kali Linux
Arch Linux is an open-source Linux-based Operating System that is freely available for use. It belongs to the Pacman-based Linux family. It is a light weighted OS for daily use and could even be used by professionals. It was first released in March 2002. It is a beginner-friendly Linux Operating System. Features of Arch Linux: Minimalist approach:
4 min read
Neofetch In Linux – Snap cool screenshots of your Linux
Neofetch is a fancy, highly customizable, and aesthetic command-line system information screenshot utility tool. Written in the Bash scripting language, it works inside a terminal window, on triggering up the command it by default displays the operating system, software, and hardware of your system on the right side of the column alongside an ASCII
4 min read
Exodus - Copy Linux Binaries From One Linux System
Exodus is an easy-to-implement program, that is used for bundling dependencies, and also helps to effectively copy Linux ELF binaries from one to another machine securely, and this is very handy when you don't have root access, also if there are issues in the availability of the packages in the Linux distribution, Commonly Server oriented distribut
3 min read
Basic CentOS Linux Commands in linux
CentOS is a free and open-source operating system that aims to provide a stable reliable, and community-supported platform for servers and other enterprise applications. In this article, we will be covering CentOS Linux basics commands and functions of CentOS and also we will look into the advanced commands. These CentOS commands allow you to manag
3 min read
Linux on Azure – Linux Distributions
Azure, the cloud computing platform from Microsoft, offers a playground for deploying and managing your Linux-based operating systems. Think of it as a canvas of boundless resources, security, and scalability, painted onto which you can unleash the boundless creativity and flexibility of Linux. This powerful synergy unlocks a world of opportunity,
10 min read
File Timestamps - mtime, ctime and atime in Linux
Timestamps are records for the times in which actions are performed on files. A timestamp is useful because it keeps records of when a file was accessed, modified, or added. Linux's files have 3 timestamps recorded by the computer: Access timestamp (atime): which indicates the last time a file was accessed.Modified timestamp (mtime): which is the l
4 min read
proc file system in Linux
Proc file system (procfs) is a virtual file system created on the fly when the system boots and is dissolved at the time of system shutdown. It contains useful information about the processes that are currently running, it is regarded as a control and information center for the kernel. The proc file system also provides a communication medium betwe
4 min read
How to copy a file's content from Linux terminal?
This article shows the alternative method to copy the content of the file onto the clipboard, via the Linux terminal. In OSX, the commands pbcopy and pbpaste are available by default. Thus, to copy a file onto the clipboard via OSX terminal, type: pbcopy < 'path of the file' Since, in Ubuntu, pbcopy and pbpaste commands are not availab
2 min read
File Management in Linux
In Linux, most of the operations are performed on files. And to handle these files Linux has directories also known as folders which are maintained in a tree-like structure. Though, these directories are also a type of file themselves. Linux has 3 types of files: Regular Files: It is the common file type in Linux. it includes files like - text file
4 min read
Fcrackzip Tool - Crack a Zip File Password in Kali Linux
The fcrackzip utility and wordlists are included by default in Kali to crack passwords for these compressed files. Because of their compact size and encryption algorithm, we frequently use zipped files. These zipped files have a password protection feature that ensures the files' confidentiality. When you've forgotten your password and are stuck tr
3 min read
Kali Linux - File Management
In Kali Linux, most of the operations are performed on files. And to handle these files Kali Linux has directories also known as folders which are maintained in a tree-like structure. Though, these directories are also a type of file themselves. Kali Linux has 3 basic types of files: Regular Files: It is the common file type in Linux. it includes f
4 min read
Linux - Renaming File While Downloading with Wget
Wget utility is the most popular and powerful tool to download files on operating systems like Linux and Windows OS.Wget supports the HTTP, HTTPS, and FTP protocols, as well as retrieval through HTTP proxies. Wget is non-interactive, which means it can work in the background while the user is not logged on. In case while downloading any file if the
2 min read
How to Create a Password Protected ZIP File in Linux?
Linux provides Zip command to work with a file like compressing the file and decompressing with a password. It's not come with built-in you need to install from an external source. The Zip command has two different utility(zip and unzip). zip is used for compressing the file and unzip is used for decompressing the file. Installation Use this comman
2 min read
How to Make File and Directory Undeletable Even By Root in Linux?
In this article, we are going to see How to Make File and Directory Undeletable, Even By Root in Linux. So in order to make a file or directory undeletable by any user, we need to make the file or directory unmodifiable using the chattr command. This command changes the file attributes in our system. So in order to make it Undeletable Syntax is: No
2 min read
How to Find Linux File Creation Time using Debugfs?
Everything is treated as a file in Linux, and all the information about a file is stored in inodes, which includes the crucial metadata about a file such as creation time, last modification, etc. Every file in Linux is identified by its inode number. In this article, we will be using debugf command to find Linux File Creation Time with the help of
2 min read
How to Append Text to End of File in Linux?
On Linux, while working with files in a terminal sometimes we need to append the same data of a command output or file content. Append means simply add the data to the file without erasing existing data. Today we are going to see how can we append the text in the file on the terminal. Using >> Operator: The >> operator redirects output
2 min read
How to Get Last Modified Date of File in Linux?
Here we are going to see how to get the last modified date of the file in Linux, sometimes we may require timestamps of the file and apart from this it also ensures that we have the latest version of that file. It can be done in four ways: Using Stat command.Using date command.Using ls -l command.Using httpie Example 1: Using Stat command. Apart fr
1 min read
How to Change the Number of Open File Limit in Linux?
If you are an active Linux user, who has to work with many files on Linux at a time then you might have definitely faced a problem regarding “Too many open files” on a Linux system. When you have reached the maximum open file limit you will get an error message displaying "Too many open files (24)” error on your screen. Why do we face such a thing?
4 min read
How to Create a File in the Linux Using the Terminal?
In this article, we will learn to create a file in the Linux/Unix system using the terminal. In the Linux/Unix system, there are the following ways available to creating files. Using the touch commandUsing the cat commandUsing redirection operatorUsing the echo commandUsing the heredocUsing the dd command1. Create a file in the Linux/Unix system us
4 min read
Article Tags :
three90RightbarBannerImg