Thursday, December 31, 2009

SETUID IN REDHAT LINUX

SETUID:

Features:

a.ability to execute file as owner

b.chmod 4760 regextest.pl - this will ensure that the perl script always
executes as the user 'linuxcbt'

-rwsrw---- 1 linuxcbt sales 787 Jan 13 16:08 regextest.pl

's' in the execute position means that the program will execute as that user


SETGID:

Features:
Ability to enforce permissions to a directory structure
• mkdir /sales
• chmod 2775 /sales

Example:

Create a file in the '/sales' directory as 'linuxcbt'
• seq 1000000 > linuxcbt.1million.txt
chgrp:

Permits updating of group permissions

Sticky Bit:

Features:

Ability to ensure that users cannot delete others' files in a directory

drwxrwxrwt 23 root root 4096 Jan 13 15:05 /tmp/

/tmp - users cannot delete other user's files in '/tmp'

chmod 3777 /sales - ensures that /sales will not lose files from incorrect users

Task:
Set '/sales' using sticky bit and test
a. chmod 3777 /sales && ls -ld /sales OR chmod 777 /sales && chmod +t /sales

No comments:

Post a Comment