How To Find SUID/SGID in Linux?

Posted by Planet Malaysia on March 3, 2008

What is SUID & SGID?

SUID (Set User ID) Bit

Sometimes you may have faced an error while trying to run an application, stating that the application must be 'SUID root'. You might have been confused at the time, but once you have read this article you will no longer find it confusing. SUID stands for Set User ID. This means that if the SUID bit is set for an application, then while that application runs, your user ID is set to that of the owner of the application/file rather than that of the current user. So if I have an application whose owner is 'root' and it has its SUID bit set, then when I run this application as a normal user, it still runs as root. The SUID bit tells Linux that the user ID root is set for this application, and whenever this application executes it must execute as if root were executing it (since root owns the file). If you have understood the above, you may be wondering: isn't this a major security risk? If users are able to run applications as root, then it must surely pose a threat to the security of the system. Actually, SUID is used to increase security, in a way. Let me explain this with my own example I use on my machine.

SGID (Set Group ID) Bit

Just like SUID, setting the SGID bit for a file sets your group ID to the file's group while the file is executing. It is really useful if you have a real multi-user setup where users access each other's files. As a single home user I haven't really found a lot of use for SGID. But the basic concept is the same as SUID: files whose SGID bit is set are used as if they belong to that group rather than to that user alone.

The Linux system administrator should take care to ensure that no rogue SUID programs have been introduced into the system. Administrators who wish to obtain a list of the SUID and SGID programs currently installed on the system may run:

for PARTS in `awk '($6 != "0") { print $2 }' /etc/fstab`; do find "$PARTS" \( -perm -04000 -o -perm -02000 \) -type f -xdev -print; done
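
An added example (not part of the original post): the listing above is only useful for spotting rogue programs when it is compared against a known-good list, so this sketch records the SUID/SGID files under a directory and prints any that are missing from a baseline file. The function names and the baseline format (one path per line) are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit SUID/SGID files against an approved baseline.
# Function names and the baseline format (one path per line) are assumptions.

# Print every regular file under directory $1 that has the SUID (04000) or
# SGID (02000) bit set, sorted. -xdev keeps find on one filesystem, as in
# the command above. Run as root so no directory is skipped.
list_setid() {
    find "$1" -xdev -type f \( -perm -04000 -o -perm -02000 \) -print |
        LC_ALL=C sort
}

# Label a file "suid", "sgid" or "suid,sgid" using the POSIX -u / -g tests.
setid_kind() {
    kind=""
    [ -u "$1" ] && kind="suid"
    [ -g "$1" ] && kind="${kind:+$kind,}sgid"
    printf '%s\n' "$kind"
}

# Print files under directory $2 that are SUID/SGID now but are not listed
# in baseline file $1. The body runs in a subshell so temp names stay local.
new_setid() (
    base=$(mktemp) || exit 1
    now=$(mktemp) || exit 1
    LC_ALL=C sort -u "$1" > "$base"
    list_setid "$2" > "$now"
    LC_ALL=C comm -13 "$base" "$now"   # lines only in the current scan
    rm -f "$base" "$now"
)

# Usage (paths are placeholders):
#   list_setid /usr > setid.baseline      # record a known-good state
#   new_setid setid.baseline /usr | while IFS= read -r f; do
#       printf '%s %s\n' "$(setid_kind "$f")" "$f"
#   done
```

Paths that contain newlines are not handled by this line-based comparison.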

Important: Think twice before setting the SUID or SGID bit for scripts.
