chmod 4777? File special permissions: SUID, SGID and Sticky Bit

Time:10-07

Background
Today I came across a command:
chmod 4777 test
Why is there an extra digit in front of 777? It overturned what I thought I knew, so this time I had to consult Brother Bird's book. I found the section "7.4.3 File special permissions: SUID/SGID/Sticky Bit", chewed on it for a while and finally understood. My notes are as follows:

In addition to the traditional read (r), write (w) and execute (x) permissions, Linux files have three special permissions: Set UID, Set GID and Sticky Bit. What each one is and the extra function it provides are described below:
Set UID, SUID
Weight: 4
Symbol: x -> s
Scope: only effective on executable files
Function: the executable file is executed with the file owner's permissions
Case: /usr/bin/passwd has permissions 4755, so an ordinary user can run the passwd command. While it runs, the ordinary user is transformed and obtains root access, and can modify the root-owned /etc/shadow file, which an ordinary user normally could not even think about touching. (If /usr/bin/passwd had permissions 755, an ordinary user running passwd would have no permission to modify root's /etc/shadow file.)
Set GID, SGID
Weight: 2
Symbol: x -> s
Scope: can be applied to both files and directories
Function: for executable files and directories, during execution the user acts with the permissions of the file's group
Case: SGID is mostly used for project development by a specific team; it is used less often in the system itself
Sticky Bit, SBit
Weight: 1
Symbol: x -> t
Scope: only effective on directories
Function: when a directory has SBit=1 (permissions rwxrwxrwt), deleting, renaming and moving a file in that directory is allowed only for the file's owner or root (if SBit=0, users can delete each other's files and hurt one another)
Case: /tmp has permissions 1777, so different users in this directory cannot delete each other's files, only their own (if a directory /test had permissions 777, different users could delete each other's files in it)
[The "hidden level" of Linux file special permissions]
By now everyone should understand that SUID, SGID and Sticky Bit all carry a similar "grant the permissions of the file's creator" function (this may not be precise; it is enough that you get the idea). So when the creator has no execute permission (x is 0, for example rw-rw-rw-), a hidden level appears: the capital letters S, S and T, that is rwSrwSrwT, which mean the permission is empty. As Brother Bird says in the book: "If the owner cannot execute the file, where would the permission for others to use come from? Of course it is empty."
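
The modes discussed above, applied on Linux as an added example (not part of the original post): it sets them on constructed files in a throwaway directory, reads back the lowercase and capital letters from ls, and lists SUID/SGID files plus world-writable directories that lack the sticky bit. The function names and sample file names are made up for illustration.

```shell
#!/bin/sh
# Added example. All paths are constructed in a temporary directory;
# nothing on the real system is modified. Assumes Linux chmod/ls/find.

# Symbolic mode of a path as shown in the first column of `ls -ld`.
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# Create sample files and directories, one per case from the text.
make_samples() {
    d=$(mktemp -d) || return 1
    touch "$d/test" "$d/sgid_x" "$d/all_nox"
    mkdir "$d/sticky" "$d/shared"
    chmod 4777 "$d/test"      # the command from the story: SUID + rwxrwxrwx
    chmod 2755 "$d/sgid_x"    # SGID with group x present
    chmod 7666 "$d/all_nox"   # all three bits, no x anywhere
    chmod 1777 "$d/sticky"    # like /tmp
    chmod 0777 "$d/shared"    # world-writable, no sticky bit
    echo "$d"
}

# Audit a tree: SUID/SGID files, then world-writable directories that
# lack the sticky bit (users there can delete each other's files).
audit() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) -print
    find "$1" -type d -perm -0002 ! -perm -1000 -print
}

# Demo run: print each sample's mode, then the audit findings.
dir=$(make_samples) || exit 1
for f in test sgid_x all_nox sticky shared; do
    printf '%-8s %s\n' "$f" "$(mode_of "$dir/$f")"
done
audit "$dir"
rm -rf "$dir"
```

Pointing audit at a real directory tree instead of the sample directory gives a quick inventory of the files and directories that carry these bits.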

Source: https://www.cnblogs.com/zklidd/p/7100276.html