Skip to content

Summary of File and Directory permission - rwxst

homepage-banner

Introduction

Linux is a popular operating system that offers a wide range of features that make it a preferred choice for developers and system administrators. One of the most important features of Linux is the ability to set special permissions on files and directories. These special permissions ensure that certain system operations can only be performed by users with the appropriate privileges. In this post, we will discuss the rwxst special permission and how it can be used to enhance the security and efficiency of a Linux system.

Normal File permission

r: Readable, allows to view the file content with cat command;
w: Writable, allows to edit or delete the file;
x: Executable, allows to submit to the kernel as a command.

Directory permission

r: Allows to execute ls command in this directory to list all internal files.
w: Allows to create files in this directory.
x: Allows to use cd command to switch to this directory, or use ls -l to view detailed information of internal files.

Special permission

Setuid (s)

The setuid permission is used to allow a user to run an executable file with the privileges of the file owner. When an executable file has the setuid permission set, it runs with the same privileges as the file owner. This allows users to run programs that require elevated privileges without having to log in as the root user. For example, the passwd command needs to modify the /etc/shadow file which is only accessible by the root user. By setting the setuid permission on the passwd command, non-root users can change their passwords without having to log in as the root user.

Sticky Bit (t)

The sticky bit permission is used to restrict the deletion of files from a directory. When the sticky bit permission is set on a directory, only the owner of a file or the root user can delete the file. This is useful in directories that are used by multiple users, such as the /tmp directory, to prevent accidental deletion of files.

chmod u+s xxx # Sets setuid permission.
chmod g+s xxx # Sets setgid permission.
chmod o+t xxx # Sets stick bit permission, applicable to directories.
chmod 4775 xxx # Sets setuid permission.
chmod 2775 xxx # Sets setgid permission.
chmod 1775 xxx # Sets stick bit permission, applicable to directories.

Conclusion

In conclusion, the rwxst special permission is a powerful feature of Linux that allows users to set special permissions on files and directories. The setuid and sticky bit permissions are two important components of the rwxst special permission that can be used to enhance the security and efficiency of a Linux system. Understanding these special permissions is important for system administrators who want to optimize their Linux systems for maximum performance and security.

Leave a message