diff options
| -rw-r--r-- | README.md | 17 |
1 files changed, 17 insertions, 0 deletions
@@ -383,6 +383,23 @@ See `exercises/chapter-8.16`. 17. What are the purposes of the set-user-ID (SUID), set-group-ID (SGID), and sticky bits? +The purpose of the `SUID` and the `SGID` is to allow one user to run a +program on behalf of or another user. A common example is when a program +needs to write to a file that is owned by root. If the program is owned +by `root` and the `SUID` is permission is enabled on that program, then +a non-root user can run that program as if the `root` user was running +the program. This allows for non root users to do things like change +their passwords etc. This feature can also sometimes be abused if the +program with the `SUID` is on isn't written properly. e.g. buffer +overflow leading to arbitrary code execution. + +The `SGID` operates very similar to the `SUID` except that the program +runs as if it were a member of the group that owns the file. + +The `sticky bit` is used to ensure a user cannot remove files from a +directory owned by another user. This is common for shared folders like +`/tmp`. + ## Do problem 9 (What do the following commands do?) in Chapter 9. What do the following commands do? |