Special Permission

What is Special File Permission?

- SUID (Set User ID) and SGID (Set Group ID) permissions in Linux are like special powers given to certain programs, allowing them to temporarily act as if they were run by a different user or group, which can be useful for specific tasks without compromising overall system security.

Distribution of special Permission?

user + s(pecial)

SUID, which stands for "Set User ID," has a simple job: When a file has SUID set, it means that no matter who tries to use it, it will always run as the person who owns the file. If the owner of the file can't use it, you'll see an uppercase "S" instead of a lowercase "s" to show there's a problem.

group + s(pecial)

SGID, which stands for "Set Group ID," is like a special power for groups, and it does two things:

1. When set on a file, it lets the file run as if it belonged to the group that owns it, like what SUID does for users.
2. When set on a folder, any new files created inside that folder automatically become part of the group that owns the folder. It's like the folder sharing its group with the new files.

other + t (sticky)

The "sticky bit" is the last special permission; it doesn't mess with the files. Instead, it works at the folder level, and its job is to stop anyone except the owner (or the superuser) from deleting files in that folder. It's like a protective shield for files, ensuring they can only be removed by those who put them there in the first place.

How to implement Special Permission?

Q1 How to add and remove special permission for users?

chmod u+s <filename>        

chmod u-s <filename>        

Q2 How to add and remove special permission for groups?

chmod g+s <filename>        

chmod g-s <filename>        

IT Scenario

Your Linux server is experiencing network connectivity problems, and you've invited a skilled network administrator named "Deepak" to diagnose and resolve the issue.

Step1: Add the user "Deepak" to the Linux machine

Step2: Add the group "Netadmin" to the Linux machine

Step3: create the folder "/var/networktools" for the Linux machine

Step4: Grant special permission to user "Deepak"

chmod u+s /var/notworktools/        

Step 5: Grant special permission to group "netwrokadmins"

chmod g+s <filename>         

Step 6: Now check the permissions for user "Deepak" so that he is able to go to the diagnostic file to run some diagnoses for troubleshooting.

su deepak        

How to check whether sticky bits is working fine or not?

So, whether you're a seasoned Linux pro or just beginning your Linux journey, take a moment to appreciate the elegance of Special File Permission. It's the foundation of a world where you have the power to control and customize your computing environment.

With that, happy Linux learning, and may your Linux directory explorations be filled with joy and success!