SETUID:
Features:
a.ability to execute file as owner
b.chmod 4760 regextest.pl - this will ensure that the perl script always
executes as the user 'linuxcbt'
-rwsrw---- 1 linuxcbt sales 787 Jan 13 16:08 regextest.pl
's' in the execute position means that the program will execute as that user
SETGID:
Features:
Ability to enforce permissions to a directory structure
• mkdir /sales
• chmod 2775 /sales
Example:
Create a file in the '/sales' directory as 'linuxcbt'
• seq 1000000 > linuxcbt.1million.txt
chgrp:
Permits updating of group permissions
Sticky Bit:
Features:
Ability to ensure that users cannot delete others' files in a directory
drwxrwxrwt 23 root root 4096 Jan 13 15:05 /tmp/
/tmp - users cannot delete other user's files in '/tmp'
chmod 3777 /sales - ensures that /sales will not lose files from incorrect users
Task:
Set '/sales' using sticky bit and test
a. chmod 3777 /sales && ls -ld /sales OR chmod 777 /sales && chmod +t /sales
No comments:
Post a Comment