What are the SUID, SGID and the Sticky Bits?
Sticky Bit
Lets start with Sticky bit first. Since this is the most simplest to explain. Setting the sticky bit tells Unix that once the concerned application is executed, it should remain in memory. Remember that Unix is a multi-user OS and was mainly designed so that multiple users can work simultaneously. Thus the logic used is that a program that exists in memory requires lesser time to start when a new user requests for the same program. Thus when one user has just used a program and then a new user wants to use the same program, the second user doesn’t have to face a time delay for the program to initialize itself. It would be readily available to him. The concept of the sticky bit was a very useful one, long back when fast disk access and other memory access technologies weren’t around. But in today’s age the concept of sticky bit is obsolete, since modern day technology is advanced enough to reduce the time delay while loading applications into the memory. Thus currently the sticky bit is of very little significance. Sticky bit is only associated with executables.
SUID (Set User ID) Bit
Sometime you may faced an error while trying to run any application stating that the application must be ‘SUID root’ . You might have been confused that time, but now once you read this article you would no longer find it confusing.
SUID stands for Set User ID. This means that if the SUID bit is set for any application then your user ID would be set as that of the owner of application/file rather than the current user, while running that application. That means in case I have an application whose owner is ‘ root ‘ and it has its SUID bit set, then when I run this application as a normal user, that application would still run as root. Since the SUID bit tells Linux that the the User ID root is set for this application and whenever this application executes it must execute as if root was executing it (since root owns this file).
SGID (Set Group ID) bit
Just like SUID, setting the SGID bit for a file sets your group ID to the file’s group while the file is executing. IT is really useful in case you have a real multi-user setup where users access each others files. As a single homeuser I haven’t really found a lot of use for SGID. But the basic concept is the same as the SUID, the files whose SGID bit are set would be used as if they belong to that group rather than to that user alone.
Setting the SUID/SGID bits
Setting SUID bits on the file:
Suppose I got the executable called “killprocess” and I need to set the suid bit on this file, go to command prompt and issue command:
chmod u+s filename
Now check permission on the file with command
ls -l filename
Observe “s” that has been added for suid bit
-rwsr-xr-x 1 root root 8 Jun 8 10:10 filename
Setting GUID bits on the file:
Go to command prompt and issue command:
chmod g+s filename
This will set the GUID bit on the same file, check the permission on this file using command:
ls -l filename
-rwsr-sr-x 1 root root 8 Jun 8 12:11 filename
Setting Sticky bits on the folder:
chmod +t folder
Find SUID/SGID files
Find all SUID root files:
find / -user root -perm -4000 -print
Find all SGID root files:
find / -group root -perm -2000 -print
Find all SUID and SGID files owned by anyone:
find / -perm -4000 -o -perm -2000 -print