Unix permissions: The sticky, SUID and SGID bits
Hello, today I'll write about more permissions, this time it will be about the Sticky, SUID and SGID bits.
I'll write about them because one of my readers told me that it would be a good idea to write about these bits.
Sticky bit
What the sticky bit does is that when you execute an application it will be residing in the memory, so if other user (thinking in a multiuser environment) executes that same application it will run faster because it's already active in memory.
So this permission fastens the executions if multiple users are using the same application.
SUID bit
If we apply the SUID bit to an application, it will run with the UID of the owner even if you are logged in as another user. For example if all the users need to execute fdisk without using sudo or escalate to root we just have to apply this bit to fdisk.
SGID bit
The same as SUID but it applies to the group owner of the application.
The SUID bit to execute bash scripts as root
Even if we can apply SGID to execute applications with a different user as the one we are logged in, there are things we can't do even if the owner of the script is root.
First of all, for a script to execute as root we have to apply the SUID bit to the shell we use to execute scripts, because the application in this case is the shell, the script is just a file that will be interpreted by the shell.
Special commandas like adduser can't be executed by any other user even if it has the SUID bit of root. So it won't work a script that executes the adduser command even if the shell has the SUID bit. If you don't believe me tray it ;) I even set the SUID bit for root to my shell, to adduser, to my script that executes adduser and the system didn't permit it.
The SUID bit and GTK+
GTK doesn't support the use of SUID or SGID. So if you try to run a GTK based application with one of these birs the execution will send and alert and it will not start.
Then how can we use these bits?
It can be used to create scripts that write files inside directories in which other users don't have permissions. For example, that any user can create a file inside the root home directory.
Or like I said it before, is possible to use some applications with SUID and SGID like fdisk.
And now you may be asking, well a script to write file in /root, but hadn't you said that to make this work you have to apply the SUID bit to the shell? OK, do this can be risky, to let the shell execute always as root with any user, but there is a trick to make it work without making all your shell root.
We just have to copy our shell to other directory and in that copy apply the SUID bit so the original shell doesn't have to be executed always by root. Then we point our sh to this shell.
Even though this is not a good practice because it isn't secure to allow scripts to be executed as root, but SGID can make easy a lot of things if the server or computer where it is going to be apply is managed only by the right people or SysAdmins.
The commands to apply the SUID bit to a copy of the shell:
First we find where is our shell:
The commands to apply these bits are:
How permissions are visualized
Visualization with SGID if the group doesn't have execute permissions, in this example the owner has reading permissions, group reading and writing permissions, other users reading permissions. Applying SGID:
I'll write about them because one of my readers told me that it would be a good idea to write about these bits.
Sticky bit
What the sticky bit does is that when you execute an application it will be residing in the memory, so if other user (thinking in a multiuser environment) executes that same application it will run faster because it's already active in memory.
So this permission fastens the executions if multiple users are using the same application.
SUID bit
If we apply the SUID bit to an application, it will run with the UID of the owner even if you are logged in as another user. For example if all the users need to execute fdisk without using sudo or escalate to root we just have to apply this bit to fdisk.
SGID bit
The same as SUID but it applies to the group owner of the application.
The SUID bit to execute bash scripts as root
Even if we can apply SGID to execute applications with a different user as the one we are logged in, there are things we can't do even if the owner of the script is root.
First of all, for a script to execute as root we have to apply the SUID bit to the shell we use to execute scripts, because the application in this case is the shell, the script is just a file that will be interpreted by the shell.
Special commandas like adduser can't be executed by any other user even if it has the SUID bit of root. So it won't work a script that executes the adduser command even if the shell has the SUID bit. If you don't believe me tray it ;) I even set the SUID bit for root to my shell, to adduser, to my script that executes adduser and the system didn't permit it.
The SUID bit and GTK+
GTK doesn't support the use of SUID or SGID. So if you try to run a GTK based application with one of these birs the execution will send and alert and it will not start.
Then how can we use these bits?
It can be used to create scripts that write files inside directories in which other users don't have permissions. For example, that any user can create a file inside the root home directory.
Or like I said it before, is possible to use some applications with SUID and SGID like fdisk.
And now you may be asking, well a script to write file in /root, but hadn't you said that to make this work you have to apply the SUID bit to the shell? OK, do this can be risky, to let the shell execute always as root with any user, but there is a trick to make it work without making all your shell root.
We just have to copy our shell to other directory and in that copy apply the SUID bit so the original shell doesn't have to be executed always by root. Then we point our sh to this shell.
Even though this is not a good practice because it isn't secure to allow scripts to be executed as root, but SGID can make easy a lot of things if the server or computer where it is going to be apply is managed only by the right people or SysAdmins.
The commands to apply the SUID bit to a copy of the shell:
First we find where is our shell:
This will show us if we are using dash or bash, now let's find it's real location with the result of the last command, let's use as example that it is bash and let's search as root or with sudo so we don't have errors y our search:
Now that we know where it is let's copy it to other place, in this example will be to rukia's home from /bin/bash:
And finally we just apply SUID or SGID to the shell copy.
The commands to apply these bits are:
SUID:
Remove SUID:
SGID:
Remove SGID:
Apply sticky bit:
Remove sticky bit:
How permissions are visualized
How permissions will be visualized for SUID if the owner doesn't have execute permissions for the application, in this example the owner only has reading and writing permissions, group reading permissions, other users reading permissions. Applying SUID:
Visualization with SUID if the owner has execute permissions, in this example the owner has reading, writing and execute permissions, group reading permissions, other users reading permissions. Applying SUID:
Visualization with SGID if the group doesn't have execute permissions, in this example the owner has reading permissions, group reading and writing permissions, other users reading permissions. Applying SGID:
Visualization with SGID if the group has execute permissions, in this example the owner has reading permissions, group reading and execute permissions, other users reading permissions. Applying SGID:
Visualization of the sticky bit if other users doesn't have execute permissions, in this example the owner and group have all permissions, other users only reading and writing permissions. Applying sticky bit:
Visualization of the sticky bit if other users have execute permissions, in this example the owner, group and other users have all permissions. Applying sticky bit:
And that is all I know right now about these bits, hope it helps and if something is wrong please tell me as I'm new to these bits too.
Comentarios
Publicar un comentario