Special Permissions

Beyond the basic rwx, Linux has three special permissions. They're less common but important to understand.

The Three Special Permissions

Permission   Symbol          Number   Effect
SUID         s (owner x)     4        Run as file owner
SGID         s (group x)     2        Run as group / inherit group
Sticky       t (other x)     1        Only owner can delete

SUID (Set User ID)

When an executable file has SUID set, it runs with the effective user ID of the file's owner, not that of the user who launched it. The bit only matters on executable binaries: the Linux kernel ignores it on interpreted scripts (files starting with #!) and it has no meaning on directories.

Terminal
$ ls -l /usr/bin/passwd
-rwsr-xr-x 1 root root 68208 Jan 14 /usr/bin/passwd

Notice the s in the owner's execute position (-rws).

When you run passwd:

  • You run it as your user
  • But it executes with root's permissions
  • This lets it modify /etc/shadow, which only root can read or write

Security Risk

SUID can be dangerous. A SUID-root program runs as root for every local user allowed to execute it, so any flaw in it (a memory-corruption bug, trust in an environment variable or the current directory, an unsafe temporary file, or simply spawning a shell) hands that user a root shell. This is why the kernel refuses to honour SUID on scripts and why /tmp and removable media are often mounted nosuid. Only set SUID when absolutely necessary, and where a program needs one specific privilege rather than all of root, prefer file capabilities (setcap) or a small privileged helper.

Setting SUID

chmod u+s file       # Symbolic
chmod 4755 file      # Numeric (4 = SUID)

SGID (Set Group ID)

Two different effects:

On Files

The program runs with the effective group ID of the file's group, in addition to the caller's own groups, so it can reach resources that group owns:

Terminal
$ ls -l /usr/bin/wall
-rwxr-sr-x 1 root tty 19024 Jan 14 /usr/bin/wall

The s is in the group execute position. wall is SGID tty because terminal devices are group-owned by tty: that single group is enough to write to other users' terminals, so the program does not need to be SUID root.

On Directories

New files inherit the directory's group:

Terminal
$ ls -ld /shared/project
drwxrwsr-x 2 root developers 4096 Jan 14 /shared/project

Without SGID, a new file gets the creator's primary group. With SGID, a new file gets the directory's group (developers), and a new subdirectory gets both the group and the SGID bit, so the rule propagates down the whole tree.

Shared Directories

SGID on directories is great for team projects. Everyone's files automatically belong to the shared group.

Setting SGID

chmod g+s directory  # Symbolic
chmod 2755 directory # Numeric (2 = SGID)
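Setting up a team directory end to end, as an added example that is not part of the original page. It creates the directory, applies SGID, then checks the inheritance behaviour by creating a file and a subdirectory inside it; it also shows something the text above does not spell out: a new subdirectory inherits the SGID bit itself, not only the group. The directory and file names are made up, and the demo uses your own primary group (id -gn) so it runs unprivileged; in production you would run it as root with the real team group, e.g. setup_shared_dir /shared/project developers.

```shell
#!/bin/sh
# Added example, not from the page: build a shared SGID directory and verify
# what new entries inside it inherit. All paths here are hypothetical.

# setup_shared_dir DIR GROUP
# Team directory: owned by GROUP, group-writable, SGID so that everything
# created inside is group-owned by GROUP no matter who creates it.
setup_shared_dir() {
    mkdir -p "$1" && chgrp "$2" "$1" && chmod 2775 "$1"
}

# check_inheritance DIR
# Creates a file and a subdirectory in DIR and reports whether each picked up
# DIR's group, and whether the subdirectory also inherited the SGID bit
# (Linux propagates SGID to new subdirectories, so the whole tree stays shared).
# Prints "file-group=ok|bad subdir-group=ok|bad subdir-sgid=ok|bad".
check_inheritance() {
    want=$(stat -c %g "$1")        # numeric gid of the shared directory
    : > "$1/note.txt"              # a file created by whoever runs this
    mkdir -p "$1/sub"              # a subdirectory created the same way
    f=bad; d=bad; s=bad
    if [ "$(stat -c %g "$1/note.txt")" = "$want" ]; then f=ok; fi
    if [ "$(stat -c %g "$1/sub")" = "$want" ]; then d=ok; fi
    if [ -g "$1/sub" ]; then s=ok; fi   # test -g: true when set-group-ID is set
    printf 'file-group=%s subdir-group=%s subdir-sgid=%s\n' "$f" "$d" "$s"
}

if [ "${1:-}" = "demo" ]; then
    base=$(mktemp -d)
    setup_shared_dir "$base/project" "$(id -gn)"
    ls -ld "$base/project"         # expect drwxrwsr-x
    check_inheritance "$base/project"
    rm -rf "$base"
fi
```

Run it with `sh script.sh demo`. One caveat the bit cannot fix: SGID only controls the group of new files, not their mode. Members still need a umask of 002 (or a default ACL on the directory) for their files to come out group-writable; with the usual 022 a colleague's file is group-readable but not editable.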

Sticky Bit

On a directory, the sticky bit restricts deletion and renaming: an entry can be removed or renamed only by its owner, by the directory's owner, or by root, even though other users have write permission on the directory.

Terminal
$ ls -ld /tmp
drwxrwxrwt 10 root root 4096 Jan 14 /tmp

The t in the others execute position is the sticky bit.

Without the sticky bit, anyone with write permission on the directory can delete or rename any file in it, because those operations modify the directory, not the file. With the sticky bit, only the file's owner (plus the directory owner and root) can.

This is why you can create files in /tmp but can't delete or rename other users' files, and why every world-writable directory should carry the bit.

Setting Sticky Bit

chmod +t directory   # Symbolic
chmod 1777 directory # Numeric (1 = sticky)

Reading Special Permissions

What You See     Meaning
rws (owner)      SUID set, owner execute set
rwS (owner)      SUID set, owner execute NOT set
rws (group)      SGID set, group execute set
rwS (group)      SGID set, group execute NOT set
rwt (other)      Sticky bit set, other execute set
rwT (other)      Sticky bit set, other execute NOT set

Uppercase (S, T) means the special bit is set but the matching execute bit is NOT. SUID on a file that is not executable does nothing, so rwS on a program is usually a chmod mistake (4644 instead of 4755) and worth a second look during an audit. rwT on a directory, by contrast, can be deliberate: mode 1770 is a group-shared drop directory that other users cannot even enter.

Numeric Format

chmod 4755 file    # SUID + 755
chmod 2755 dir     # SGID + 755
chmod 1777 dir     # Sticky + 777
chmod 6755 file    # SUID + SGID + 755

The first digit:

  • 4 = SUID
  • 2 = SGID
  • 1 = Sticky
  • Add them: 6 = SUID + SGID, 7 = all three

Files and directories behave differently when you later run a plain three-digit chmod: chmod 755 file clears any SUID/SGID bit on a file, while GNU chmod preserves a directory's SUID and SGID bits when given a numeric mode. Use chmod g-s dir (or u-s) to clear them explicitly.

Finding SUID/SGID Files

Terminal
$ find / -type f -perm -4000 2>/dev/null
(all SUID files)
$ find / -type f -perm -2000 2>/dev/null
(all SGID files)

-perm -4000 means "this bit is set, whatever the other bits are"; -type f skips directories, where SGID and sticky are normal and not a risk in themselves. Security auditors use this to find potentially dangerous permissions, and an attacker with a foothold runs exactly the same command looking for a privilege-escalation path, so compare the result against a known-good baseline for your distribution rather than eyeballing it once.
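A small audit script built on that find idiom, as an added example that is not part of the original page. It lists every entry with any special bit set, diffs the result against a saved baseline so a newly planted SUID binary stands out, and flags the worst combination (SUID or SGID plus world-writable). To keep it runnable without touching the real system it builds its own throwaway tree; the file names in it (passwd-like, wall-like, backdoor) are made up. -perm /7000 and -printf are GNU find features, which is what Linux ships.

```shell
#!/bin/sh
# Added example, not from the page: SUID/SGID/sticky audit with a baseline diff.
# The fixture tree and its file names are constructed for the demo.

# audit_special_bits DIR
# Every entry under DIR with SUID, SGID or sticky set, printed as
# "<octal mode> <type> <path>" and sorted so the output is diff-friendly.
# -perm /7000: match if ANY of bits 4000, 2000, 1000 is set (GNU syntax).
# -xdev: stay on one filesystem (skips /proc, /sys and network mounts).
audit_special_bits() {
    find "$1" -xdev -perm /7000 -printf '%m %y %p\n' 2>/dev/null | sort
}

# new_since_baseline BASELINE_FILE DIR
# Re-runs the audit and prints only lines absent from BASELINE_FILE.
# Save a baseline on a freshly built host; a SUID file appearing later is a
# classic privilege-escalation or persistence sign.
new_since_baseline() {
    audit_special_bits "$2" | comm -13 "$1" -
}

# risky_suid DIR
# SUID/SGID files that are also world-writable: anyone can overwrite the
# program body and it still runs as the owner. This list should be empty.
risky_suid() {
    find "$1" -xdev -type f -perm /6000 -perm -0002 2>/dev/null | sort
}

# make_fixture: constructed sample tree so the audit can be exercised offline.
make_fixture() {
    root=$(mktemp -d)
    mkdir -p "$root/bin" "$root/shared" "$root/tmp"
    printf '#!/bin/sh\necho hello\n' > "$root/bin/passwd-like"
    chmod 4755 "$root/bin/passwd-like"      # SUID, like /usr/bin/passwd
    printf '#!/bin/sh\n' > "$root/bin/wall-like"
    chmod 2755 "$root/bin/wall-like"        # SGID, like /usr/bin/wall
    printf '#!/bin/sh\n' > "$root/bin/plain"
    chmod 755 "$root/bin/plain"             # ordinary executable: must not appear
    chmod 2775 "$root/shared"               # SGID team directory
    chmod 1777 "$root/tmp"                  # sticky, like /tmp
    printf '%s\n' "$root"
}

# plant_backdoor DIR: what an attacker might leave behind (SUID + world-writable).
plant_backdoor() {
    printf '#!/bin/sh\n' > "$1/bin/backdoor"
    chmod 4777 "$1/bin/backdoor"
}

if [ "${1:-}" = "demo" ]; then
    fx=$(make_fixture)
    audit_special_bits "$fx" > "$fx/baseline.txt"
    cat "$fx/baseline.txt"
    plant_backdoor "$fx"
    echo "--- new since baseline ---"
    new_since_baseline "$fx/baseline.txt" "$fx"
    echo "--- SUID/SGID and world-writable ---"
    risky_suid "$fx"
    rm -rf "$fx"
fi
```

For a real host, run `audit_special_bits /` as root once after installation, keep the output somewhere the host cannot modify, and have a cron job or your detection pipeline run new_since_baseline against it. Package upgrades legitimately add or change SUID binaries, so review each new line rather than alerting blindly; risky_suid, on the other hand, should never return anything.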

Knowledge Check

What does the sticky bit on /tmp prevent?

Quick Reference

Permission   Symbol   Numeric   Use Case
SUID         u+s      4xxx      Run as file owner
SGID         g+s      2xxx      Inherit group / run as group
Sticky       +t       1xxx      Protect files from deletion

Key Takeaways

  • SUID: Execute as file owner (dangerous, use sparingly; the kernel ignores it on scripts)
  • SGID on files: Execute with the file's group
  • SGID on directories: New files and subdirectories inherit the directory's group
  • Sticky bit: Only the file's owner (or the directory owner, or root) can delete or rename files (used on /tmp)
  • Look for s and t in ls -l output (uppercase S/T means the execute bit is missing)
  • Use find -perm to audit special permissions against a known-good baseline

Congratulations! You've completed Chapter 6: File Permissions.

Next chapter: Process Management - understanding what's running on your system.