submitted 11 months ago* (last edited 11 months ago) by zoe@infosec.pub to c/coolguides@lemmy.ca
[-] caseyweederman@lemmy.ca 2 points 11 months ago

Hm. Looks like it lets users temporarily assume privileges of the user or group that owns an executable.
A common example I'm seeing is passwd, which has a permission set of -rwsr-xr-x root root.
The position of the s means that "suid" is set, which means that if I run it as user casey, it actually gets run as root. I guess? Or it gets run as me but with root privileges? I wonder who the process owner is. I'm gonna experiment.
I made a root-owned a+x u+s script that ran ps aux | grep $$ and ran it as my regular user and it said my regular user is the process owner and I have to say, I did not learn anything from that.
Maybe if I make it touch a root-owned a-w file, then if that file's last-modified date changes even though I ran it as my regular user...?
Permission denied. Nope, it turns out I still don't understand suid.

[-] LynneOfFlowers@midwest.social 2 points 11 months ago

I ran into just this problem literally yesterday 😅. It turns out that many Linux distros (not sure which ones exactly but I'm on Fedora and it does this) will ignore the suid bit on shell scripts because apparently they're too easy to exploit for privilege escalation. Sure enough I tried it again with a C program instead of a shell script and the suid bit worked; I was able to write to a file I didn't have permission for normally. I'm not totally sure exactly which kinds of executables are allowed and which aren't; it might be binaries only.

[-] caseyweederman@lemmy.ca 2 points 11 months ago* (last edited 11 months ago)

Huh!
Thanks, that would have had me confused for a good while.
Same behavior on Debian.
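
The real-versus-effective user question raised in this thread, as an added example that is not part of any commenter's post: a C program that prints both IDs and then gives up the elevated one permanently, which is what a setuid binary should do as soon as it no longer needs the privilege. It assumes Linux (it reads /proc/self/exe), and the helper names are illustrative.

```c
/* Added example, not from the thread. Assumes Linux; helper names are
 * illustrative. */
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* 1 if the mode carries the setuid bit (the "s" in -rwsr-xr-x). */
int mode_has_suid(mode_t mode) { return (mode & S_ISUID) ? 1 : 0; }

/* 1 if effective UID differs from real UID, the state a setuid binary
 * starts in when a different user executes it. */
int running_elevated(void) { return geteuid() != getuid(); }

/* Give up setuid/setgid privileges for good: group first (while still
 * privileged enough to change it), then user, then verify. Returns 0 on
 * success, -1 if the old effective UID is still reachable, which can
 * happen when the binary's owner is not root (saved set-user-ID stays). */
int drop_privileges(void)
{
    uid_t ruid = getuid(), old_euid = geteuid();
    gid_t rgid = getgid();

    if (setgid(rgid) != 0 || setuid(ruid) != 0)
        return -1;
    if (old_euid != ruid && seteuid(old_euid) == 0)
        return -1;
    return (geteuid() == ruid && getegid() == rgid) ? 0 : -1;
}

int main(void)
{
    struct stat st;

    printf("real uid=%d, effective uid=%d, elevated=%d\n",
           (int)getuid(), (int)geteuid(), running_elevated());
    if (stat("/proc/self/exe", &st) == 0)
        printf("this binary: owner uid=%d, setuid bit=%d\n",
               (int)st.st_uid, mode_has_suid(st.st_mode));
    if (drop_privileges() != 0) {
        fprintf(stderr, "could not drop privileges\n");
        return 1;
    }
    printf("after drop: real uid=%d, effective uid=%d\n",
           (int)getuid(), (int)geteuid());
    return 0;
}
```

Run as an ordinary build it prints the same real and effective UID; the two differ only when the file is owned by another user and has the setuid bit set.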

this post was submitted on 07 Oct 2023
74 points (94.0% liked)
