Unix : SUID, SGID and Sticky Bit

bash-3.00$ chmod 4754 some_executable
bash-3.00$ ls -l
total 2
-rwsr-xr--   1 a435104  ccusers       50 Oct 17 05:28 some_executable

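The extra "4" ahead of the permission set "754" specifies that this file should always execute as the owner of the file.

The resulting permission has an "s" in place of the owner's "x". Setting special mode bits like this is called setting the SUID/SGID/Sticky Bit; the "s" in the owner's execute position is the SUID bit.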

A good example of the use of the SUID bit is /usr/bin/passwd.

Only the root user has permission to modify the /etc/passwd file. If that's the case, how can a normal user change his password?

bash-3.00$ ls -l /etc/passwd
-rw-r--r--   1 root     sys         6001 Aug 27 10:00 /etc/passwd

/usr/bin/passwd has its SUID bit set. That means that, irrespective of the user who invokes the passwd program, the program always executes as the owner of the file (here root), which grants it permission to modify the /etc/passwd file.

bash-3.00$ ls -l /usr/bin/passwd
-r-sr-sr-x   1 root     sys        27228 Aug 16  2007 /usr/bin/passwd

And what is SGID used for? It is used when you want a program to always execute as a member of the group that owns the file.

bash-3.00$ chmod 2754 some_executable

bash-3.00$ ls -l
total 2
-rwxr-sr--   1 a435104  ccusers       50 Oct 17 05:28 test.sh
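
Because a SUID or SGID program runs with its owner's or group's privileges no matter who starts it, it helps to know which files on a system carry these bits. The script below is an added example, not part of the original post: it lists every file under a directory that has either bit set, together with the mode string as ls -l shows it. The function names and the scratch files are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): inventory SUID/SGID files.

# list_special_bits DIR
# Prints "<tags> <mode> <path>" for every regular file under DIR that has
# the set-user-ID (4000) or set-group-ID (2000) bit. tags is SUID, SGID or
# SUID+SGID; mode is the first ten characters of the ls -l line.
list_special_bits() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null |
    while IFS= read -r f; do
        tags=
        if [ -u "$f" ]; then tags=SUID; fi                 # -u: set-user-ID bit
        if [ -g "$f" ]; then tags=${tags:+$tags+}SGID; fi  # -g: set-group-ID bit
        mode=$(ls -ld "$f" | cut -c1-10)
        printf '%s %s %s\n' "$tags" "$mode" "$f"
    done | sort
}

# Constructed sample: three small scripts in a scratch directory.
demo_special_bits() {
    d=$(mktemp -d) || return 1
    for n in suid_tool sgid_tool plain_tool; do
        printf '#!/bin/sh\n' > "$d/$n"
    done
    chmod 4754 "$d/suid_tool"    # -rwsr-xr--
    chmod 2754 "$d/sgid_tool"    # -rwxr-sr--
    chmod 0754 "$d/plain_tool"   # no special bit, must not be listed
    list_special_bits "$d"
    rm -rf "$d"
}

demo_special_bits
```

Saving the output of list_special_bits for a directory such as /usr/bin and comparing it with a later run shows when a file has gained or lost one of these bits.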
