[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Set user ID on execution

> Can anyone explain this to me in plain english? Like, what the difference 
> is between chmod 4750 and  chmod 750 -- and how it effects the files' 
> execution?
every user has an id, as you probably know.
if the file is executed normally (ie, permissions are 750), then the
program runs with the user id of the user, who started it, and thus has
the permissions to do the things, that the "runner" is able to do.
if the set-uid bit is set (ie, 4750), then the program's user id will be
set to the id of the user, who owns the file. so if the program file is
owned by root and it is set-uid, then the program will get root
permissions - no with regard to that, by whom it is executed.
that's the reason, why set-uid programs have to be done with special
care: they have potentially very much power.
basically the same applies to set-gid programs (ie, 2750), but here it is 
the group-id, which is set upon execution.
there are some details with real and effective user id-s, but that won't
interest you much.

> My fingers are obviously dangerous things..
yes - but that applies to all of us ... :-)


Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
Linux - the last service pack you'll ever need.

Reply to: