The document discusses SUID, SGID, and sticky bits in Linux file permissions. It provides examples of setting these permissions on files and directories and observing the effects. Specifically, it shows: - Setting the SUID bit on /usr/bin/su allows non-root users to run su with root privileges - Setting the SGID bit on a directory gives create and write permissions to all members of the directory's group - Setting the sticky bit on a directory prevents deletion of files within it by non-owners

1. What is SUID, SGID and Sticky bit ?
From: Dr. Meenu Chopra

15. [root@localhost -]# /etc/shadow
------------ 1 root root 1275 Apr 1 10.23 /etc/shadow
[root@localhost -]# ls -l /usr/bin/passwd
-rwsr-xr-x 1 root root 27832 Jun 10 2014 /usr/bin/passwd
[root@localhost -]# ll /usr/bin/su
-rwsr-xr-x 1 root root 32184 Aug 17 00:17 /usr/bin/su
[root@localhost -]# chmod u-s /usr/bin/su
[root@localhost -]# ll /usr/bin/su
-rwxr-xr-x 1 root root 32184 Aug 17 00:17 /usr/bin/su
[root@localhost -]# useradd meenu101
[root@localhost -]# passwdmeenu101
New password:
Retype password:
[root@localhost -]# su meenu101
[meenu101@localhost -]# su -
Password:
Su: Authentication failure
[meenu101@localhost -]# su-
Password:
Su: Authentication failure

16. [root@localhost -]# chmod u+s /usr/bin/su
[root@localhost -]# find / -perm -4000
*************************************************
To set GUID (Always on Directory and on Group)
[root@localhost home]# cd /
[root@localhost /]# groupadd groupbit
[root@localhost /]# useradd -aG groupbit U1
[root@localhost /]# useradd -aG groupbit U2
[root@localhost /]# cat /etc/group
[root@localhost /]# cd /home
[root@localhost home]# mkdir test
[root@localhost home]# chown root:groupbit test/
[root@localhost home]# ll
Total 0
Drwxr-xr-x. 2 root groupbit 2 Apr 11.24 test
Drwx------. 5 U1 U1 2 Apr 11.14 U1
Drwx------. 5 U2 U2 2 Apr 11.22 U2

17. [root@localhost home]# chmod 2775 test
[root@localhost home]# ll
Total 0
Drwxrwsr-x. 2 root groupbit 2 Apr 11.24 test
Drwx------. 5 U1 U1 2 Apr 11.14 U1
Drwx------. 5 U2 U2 2 Apr 11.22 U2
[root@localhost home]# su U1
[root@localhost home]# ls
Test U1 U2
[U1@localhost home]# cd test
[U1@localhost test]# mkdir user1
[U1@localhost test]# touch user1
[U1@localhost test]# su
Password:
[root@localhost test]# su U2
[U2@localhost test]# ls
User1
[U2@localhost test]# mkdir user2
[U2@localhost test]# touch user2.txt
[U2@localhost test]# ls
User1 user2 user2.txt

18. [U2@localhost test]# su
Password:
[root@localhost test]# su U1
[U1@localhost test]# ls
User1 user2 user2.txt
[U1@localhost test]# touch user1.txt
[U1@localhost test]# ls
User1 user1.txt user2 user2.txt
[U1@localhost test]# su
password:
[root@localhost test]# ls
User1 user1.txt user2 user2.txt
[root@localhost test]# ll
Total 0
Drwxrwsr-x. 2 U1 groupbit 2 Apr 11.28 user1
-rw-rw-r-x. 1 U1 groupbit 2 Apr 11.28 user1.txt
Drwxrwsr-x. 2 U2 groupbit 2 Apr 11.28 user2
-rw-rw-r--. 1 U2 groupbit 2 Apr 11.28 user2.txt

19. //Sticky Bit (Always on Directory)
[root@localhost test]# cd /home
[root@localhost home]# pwd
/home
[root@localhost home]# mkdir sticky
[root@localhost home]# chmod 777sticky/
[root@localhost home]# ll
Total 0
Drwx------. 2 A A 2 Apr 11.28 a
Drwx------. 2 B B 2 Apr 11.28 b
Drwx------. 2 C C 2 Apr 11.28 c
Drwxrwxrwx. 2 root root 2 Apr 11.40 sticky
[root@localhost home]# su A
[A@localhost home]# ls
A B C sticky
[A@localhost home]$ cd sticky/
[A@localhost sticky]$ touch A.txt
[A@localhost sticky]$ mkdir A
[A@localhost sticky]$ ls
A A.txt

20. [A@localhost home]$ su
Password:
[root@localhost sticky]# su B
[B@localhost sticky]$ ls
A A.txt
[B@localhost sticky]$ touch B.txt
[B@localhost sticky]$ mkdir B
[B@localhost sticky]$ ls
A A.txt B B.txt
[B@localhost sticky]$ su C
[C@localhost sticky]$ touch C.txt
[C@localhost sticky]$ mkdir C
[C@localhost sticky]$ ls
A A.txt B B.txt C C.txt
[C@localhost sticky]$ ll
Total 0
Drwxrwxr-x. 2 A A 2 Apr 11.28 A
-rw-rw-r-- 1 A A 2 Apr 11.28 A.Txt
Drwxrwxr-x. 2 B B 2 Apr 11.28 B
-rw-rw-r-- 1 B B 2 Apr 11.28 B.Txt
Drwxrwxr-x. 2 C C 2 Apr 11.28 C
-rw-rw-r-- 1 C C 2 Apr 11.28 C.Txt

21. [C@localhost sticky]$ rmdir A
[C@localhost sticky]$ ll
Total 0
-rw-rw-r-- 1 A A 2 Apr 11.28 A.Txt
Drwxrwxr-x. 2 B B 2 Apr 11.28 B
-rw-rw-r-- 1 B B 2 Apr 11.28 B.Txt
Drwxrwxr-x. 2 C C 2 Apr 11.28 C
-rw-rw-r-- 1 C C 2 Apr 11.28 C.Txt
[C@localhost sticky]$ rm B.txt
[C@localhost sticky]$ ll
Total 0
-rw-rw-r-- 1 A A 2 Apr 11.28 A.Txt
Drwxrwxr-x. 2 B B 2 Apr 11.28 B
Drwxrwxr-x. 2 C C 2 Apr 11.28 C
-rw-rw-r-- 1 C C 2 Apr 11.28 C.Txt
[C@localhost sticky]$ su
password:
[root@localhost sticky]$ cd ..
[root@localhost home]# ls
A B C sticky
[root@localhost home]# ll

22. [root@localhost home]# ll
Total 0
drwx------ 2 A A 2 Apr 11.28 A
drwx------ 2 B B 2 Apr 11.28 B
drwx------ 2 C C 2 Apr 11.28 C
Drwxrwxrwx. 4 root root 2 Apr 11.28 Sticky
[root@localhost home]# chmod o+t sticky/
[root@localhost home]# ll
Total 0
drwx------ 2 A A 2 Apr 11.28 A
drwx------ 2 B B 2 Apr 11.28 B
drwx------ 2 C C 2 Apr 11.28 C
Drwxrwxrwt. 4 root root 2 Apr 11.28 Sticky
[root@localhost home]# su C
[C@localhost home]# ls
A B C sticky
[C@localhost home]# cd sticky/
[C@localhost sticky]# ls
A.txt B B.txt C C.txt
[C@localhost sticky]# rmdir B
Rmdir: failed to remove : operation not allowed

23. [C@localhost sticky]$ rm A.txt
Rm: cannot remove : operation not allowed
[C@localhost sticky]$ rm C.txt
[C@localhost sticky]$ ls
A.txt B C
[C@localhost sticky]# su
Password:
[root@localhost sticky]# cd /
[root@localhost / ]# find / -type d -perm -1000
/dev
/var
/tmp