127

Please compare the following two lines:

-rws---r-x 1 root root 21872 2009-10-13 21:06 prg1 -rwx---r-x 1 root root 21872 2009-10-13 21:06 prg2

Does the setuid bit on prg1, along with the read and execute bits for 'other' mean that any user can run it with root privileges? The prg2 also has read and execute for 'other', but does not have the setuid bit set, so does that mean it can still be run by any user but without root privileges?

Improve this question
4
  • Look up for sticky bit on Google. Commented Mar 9, 2014 at 15:31
  • 21
    It's not called sticky bit, it's called setuid bit!!!! unix.stackexchange.com/questions/79395/… Commented Mar 9, 2014 at 15:33
  • @slm Thanks for correcting me. I always thought s is for sticky bit to keep a copy of executables in swap space. Commented Mar 9, 2014 at 15:38
  • See also unix.stackexchange.com/questions/28363/… Commented Mar 9, 2014 at 16:00

2 Answers 2

Reset to default
126

That is the "setuid" bit, which tells the OS to execute that program with the userid of its owner. This is typically used with files owned by root to allow normal users to execute them as root with no external tools (such as sudo).

You can set the suid bit using chmod, eg chmod 4755 which will give a file give the normal permissions 755 does (rwxr-xr-x) and add the suid bit to give rwsr-xr-x

You can clear the setuid bit by issuing a normal chmod command with a 0 prepended to it. For example, to set permissions back to rwxr-xr-x you would use chmod 0755.

Improve this answer
1
  • 18
    "chmod preserves a directory's set-user-ID and set-group-ID bits unless you explicitly specify otherwise. You can set or clear the bits with symbolic modes like u+s and g-s, and you can set (but not clear) the bits with a numeric mode." - GNU coreutils 8.22 Feb '16 Commented Mar 13, 2018 at 15:57
38

Precisely the opposite, you don't need to use sudo or switch to root, the executable does it for you.

Improve this answer
2
  • 2
    OK thanks for the reply. So in other words the prg1 will always run as root while prg2 will not? Commented Mar 9, 2014 at 15:43
  • 6
    Yes. If setuid bit is set, it executes with ITS owner's permissions (usually root's), no matter who calls it. A good example is mount command. It does check who you are, but it CAN mount stuff if fstab says you can. Commented Mar 9, 2014 at 15:47

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.