Understanding SUID and SGID Considerations
SUID and SGID, which stand for Set User Identity and Set Group Identity, are permissions settings that you can place on executable files. These two permissions settings are not only handy, but are also mandatory on certain executable files that deal with certain functions of Linux, Unix, and Unix-like operating systems. However, if you set SUID or SGID on programs that you create yourself, you could be opening your system up to all kinds of security problems. Before I explain why that is, I need to explain what SUID and SGID actually do and why they’re needed.
First, let’s go into the /bin/ directory, and look at the permissions settings for the rm executable, like so:
donnie@fedora:/bin$ ls -l rm
-rwxr-xr-x. 1 root root 61976 Jan 17 19:00 rm
donnie@fedora:/bin$
Here’s the breakdown of what you’re seeing:
- The root root portion of this output indicates that this file belongs to the root user...
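As an added example (not from the original text), the shell functions below read the same kind of ls -l mode string shown for rm and list the regular files in a directory that have SUID or SGID set, so you can see which executables carry these permissions. The function names special_bits and audit_dir are hypothetical. The example relies on the standard ls convention that an s or S in the owner or group execute position marks SUID or SGID.

```bash
#!/bin/bash
# Added example, not from the original text.
# special_bits and audit_dir are hypothetical helper names.

special_bits() {
    # $1 is an ls -l mode string such as -rwsr-xr-x
    # (a trailing "." or "+" after the ten mode characters is ignored).
    # Character 4 is the owner execute slot, character 7 the group execute slot.
    # s = bit set with execute, S = bit set without execute.
    case $1 in
        ???[sS]??[sS]*) echo "suid+sgid" ;;
        ???[sS]*)       echo "suid" ;;
        ??????[sS]*)    echo "sgid" ;;
        *)              echo "none" ;;
    esac
}

audit_dir() {
    # For each regular file directly inside directory $1 (no recursion,
    # dotfiles and symlinks skipped) that has SUID or SGID set, print:
    #   <bits> <owner>:<group> <mode> <path>
    for f in "$1"/*; do
        if [ ! -f "$f" ] || [ -L "$f" ]; then
            continue
        fi
        # ls -ld fields: mode, link count, owner, group, then the rest
        ls -ld -- "$f" | {
            read -r mode _links owner group _rest
            bits=$(special_bits "$mode")
            if [ "$bits" != "none" ]; then
                printf '%s %s:%s %s %s\n' "$bits" "$owner" "$group" "$mode" "$f"
            fi
        }
    done
}

# Example call: audit_dir /usr/bin
```

The rm listing above has a plain x in both execute positions, so special_bits reports none for it.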