If a file is SGID, it will run with the privileges of the files group owner, instead of the privileges of the person running the program.
This permission set also can make a similar impact. Here the script runs under the groups ownership.
You can also set SGID for directories.
Consider you have given 2777 permission for a directory. Any files created by any users under this directory will come as follows.
Example:
-rw-rw-r-- 1 b2 a1 0 Jun 11 17:30 1.txt
In the above example you can see that the owner of the file 1.txt is b2 and the group owner is a1.
So both b2 and a1 will have access to the file 1.txt.
Now lets make this more intresting and complicated.
Create a directory "test". Chmod it to 2777. Add sticky bit to it.
Example:
mkdir test
chmod 2777 test
chmod +t test
ls -al test
drwxrwsrwt 2 a1 a1 4096 Jun 13 2008 test
From the above permission set you can understand that SGID and sticky bit is set for the folder "test".
Now any user can create files under the test directory.
Example:
drwxrwsrwt 2 a1 a1 4096 Jun 13 2008 .
-rw-rw-r-- 1 b2 a1 0 Jun 11 17:30 1.txt
-rw-rw-r-- 1 c3 a1 0 Jun 11 17:30 2.txt
-rw-rw-r-- 1 d4 a1 0 Jun 11 17:30 3.txt
So all the a1 user has access to all the files under the test directory. He can edit, rename or remove the file.
b2 user has access to 1.txt only, c3 has access to 2.txt only...
If sticky bit was not set for the test directory, any user can delete any files from the test directory, since the test directory has 777 permissions.
But now it not possible.
Example:
If d4 tries to remove 1.txt
rm -f 1.txt
rm: cannot remove `1.txt': Operation not permitted
|
相关推荐
中科大 信息安全 setuid 参考文献
controlling special permissions, encrypting file systems, and much moreMaster the art of securing a Linux environment with this end-to-end practical guideBook Description This book has extensive ...
Amasty Advanced Permissions for Magento 2
Permissions
Written by a Linux expert and technology trainer, the book provides learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth answer explanations....
Module 1 — Introduction to Linux Module 2 — Logging In and General Orientation Module 3 — Navigating the File System Module 4 — Managing Files Module 5 — File Permissions and Access...
Exactly how permissions work and how to decipher the most cryptic Linux permissions with ease. How to use the nano, vi, and emacs editors. Two methods to search for files and directories. How to ...
In this book you’ll learn how to navigate around the Windows file structure (up to Windows 8.1), with what does what and how essential everything is. Additionally we’ll show you how to effectively ...
All Linux users and administrators tend to like the flexibility and speed of Linux administration from the command line in byte–sized chunks, instead of fairly standard graphical user interfaces....
File permissions, ownership, and sticky bit 104 Making files immutable 109 Generating blank files in bulk 110 Finding a symbolic link and its target 111 Enumerating file type statistics 113 Loopback ...
Android 6.0 permissions Demo
This sample shows runtime permissions available in Android M and above. It shows how to check and request permissions at runtime, handle backwards compatibility using the support library and how to ...
3. 请解释什么是Linux中的文件权限(File Permissions),包括读(r)、写(w)、执行(x)权限的含义。 4. 如何在Linux系统中查看系统当前时间和日期?请说明相应的命令。 5. 请描述在Linux系统中如何查看系统当前...
查看一下连接的android设备,但是设备列表提示no permissions 解决方法: 1. 先用lsusb查看一下系统连接的usb设备信息 这个就是我连接的android设备。如果不能确定哪一个是连接的android设备就取下设备lsusb一次,...
All You Need to Know to Secure Linux Systems, Networks, Applications, and Datain one Book From the basics to advanced techniques: no Linux security experience necessary Realistic examples & step-by-...
文件描述:RequiredPermissions.dll 文件大小:188K
Laravel开发-permissions Laravel权限处理程序
主要介绍了linux中rz上传、sz下载命令详解的相关资料,需要的朋友可以参考下
You will be able to perform installation, establish network connectivity and user and process management, modify file permissions, manage text files using the command line, and implement basic ...
Sharepoint Permissions Manage