Permission Bits

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
21 hours 25 minutes
Difficulty
Intermediate
CEU/CPE
21
Video Transcription
00:00
>> Hey, Cybrarians.
00:00
>> Welcome back to
00:00
>> the Linux plus course here at Cybrary.
00:00
I'm your instructor Rob Goelz,
00:00
and in today's lesson, we're going to
00:00
be discussing permission bits.
00:00
Upon completion of this lesson,
00:00
you are going to be able to understand
00:00
the purpose of these permissions bits,
00:00
and see how to spot the permission bits on an object.
00:00
In addition to the standard read,
00:00
write, and execute bits,
00:00
there's also a set of bits
00:00
that are called permission bits.
00:00
Each bit has an octal notation representation,
00:00
and this is added to the front of the file mode.
00:00
Just like we have, say,
00:00
664 for a file,
00:00
if it has a permission bit on it,
00:00
it will actually say something like 4664,
00:00
or 2664, or 1664,
00:00
and we'll also see that these bits make
00:00
some changes to the execute field for u,
00:00
g, or o as we go through this lesson.
00:00
The SUID bit is used with executable files.
00:00
It runs the program with the permissions of
00:00
the user owner rather than the user running it.
00:00
Most often, this is used for programs that root owns,
00:00
but that also must be run as root by default.
00:00
The SUID bit shows up as an s instead of
00:00
the execute permission letter for
00:00
the user permission bits on a file,
00:00
and we can see this down below.
00:00
This is an example right here,
00:00
we're looking at user bin mounts,
00:00
the mount command,
00:00
and if we look in the user section,
00:00
we see that where there should be
00:00
an x, read write execute,
00:00
instead we see a read write s,
00:00
and the s indicates that we have SUID bit.
00:00
What this says is that the user owner root
00:00
is going to be the one who
00:00
runs this command all the time.
00:00
We're going to inherit the permissions
00:00
to run mount as root all the time.
00:00
We can find all of the files that have this kind of
00:00
a setting by running this find command as root.
00:00
What we're doing is we're doing
00:00
a search in the root directory,
00:00
and we're specifying permissions
00:00
that start with the number four,
00:00
because remember, four is the octal notation for SUID.
00:00
The next one we're going to look
00:00
at, the next permission bit,
00:00
is the set group ID or SGID,
00:00
and this bit has a different purpose depending upon
00:00
whether we're looking at a file or a directory object.
00:00
If it's a file, it means that Linux is going to run
00:00
the permissions of the group owner
00:00
instead of the user running the program,
00:00
but if it's a directory,
00:00
it means that the group is going to inherit all
00:00
of the same permissions to
00:00
all the files in the directory.
00:00
Everybody in the group gets the same
00:00
permissions to that directory,
00:00
and it effectively creates a shared directory.
00:00
Now, the SGID bit,
00:00
just like what we saw with the SUID bit,
00:00
it shows up as an s instead
00:00
of the execute permission letter,
00:00
but it's going to show that in the G permission bits
00:00
on a file or directory.
00:00
What we saw previously was the first set of bits,
00:00
the first rwx,
00:00
the x was replaced by an s. Here,
00:00
because we're talking about a group,
00:00
the second set of rwx bits,
00:00
the x is going to be replaced by
00:00
an s because it's the SGID.
00:00
We'll see that on the file,
00:00
that file has an s where the x should be,
00:00
and then we're looking at a directory,
00:00
we see that that also has
00:00
an s where the x would normally be.
00:00
Just like we saw with SUID,
00:00
we can find all files that have
00:00
an SGID bit by running this find command as root,
00:00
and we're doing a search or using find to
00:00
search and root with permissions
00:00
that start with the number two.
00:00
Remember number two is going to
00:00
be the octal notation for SGID.
00:00
Finally, we're going to look at
00:00
the sticky bit in detail.
00:00
The sticky bit is a little bit unique.
00:00
It's used to protect files,
00:00
so this bit is used on
00:00
directories that are shared by groups,
00:00
and what this means is that files in this directory
00:00
can't be deleted by anybody other than the owner of root.
00:00
If there are a lot of users using that directory,
00:00
this ensures that one user
00:00
that has created the file can delete the file,
00:00
or root, the other users
00:00
can't delete the files from somebody else,
00:00
they can only delete their own files.
00:00
None of the group users can delete
00:00
the files besides the owner of that file.
00:00
This sticky bit, this permission bit shows up as a t,
00:00
and it shows up as a t in
00:00
that last set of rwx permissions.
00:00
Here, it's going to show up in replace of
00:00
the x permission for
00:00
the o permission bits on a directory.
00:00
We saw with the set UID,
00:00
it was rws,
00:00
we saw for the set GID,
00:00
it was rws, but it was in the group setting,
00:00
here we see it at the very end,
00:00
and in the last set of rwx,
00:00
where the x is replaced by t,
00:00
and this indicates that this sticky bit has
00:00
been set on this temp directory.
00:00
We can find all files with
00:00
the sticky bit by running the find command as root,
00:00
and we're doing a find in root for
00:00
permissions that start with one,
00:00
because the permissions that start with one
00:00
indicates that we're using the [inaudible]
00:00
notation for the sticky bit.
00:00
With that, we reached the end of this lesson.
00:00
In this lesson, we covered the purpose of
00:00
the permission bits and how to
00:00
spot those permission bits on an object.
00:00
Thanks so much for being here,
00:00
and I look forward to seeing you in the next lesson.
Up Next