You can set special permissions on a file in absolute or symbolic modes. In absolute mode, you set special permissions by adding a new octal value to the left of the permission triplet. Table 51-7 lists the octal values to set special permissions on a file.
Table 51-7 Setting Special Permissions in Absolute Mode
Octal Value | Special Permissions Set |
---|---|
1 | Sticky bit |
2 | setgid |
4 | setuid |
Table 51-6 lists the symbols to change the special permissions in symbolic mode.
If you are not the owner of the file or directory, become superuser.
Only the current owner or superuser can use the chmod command to change the special permissions on a file or directory.
Change special permissions in absolute mode by using the chmod command.
```
$ chmod nnnn filename
```

nnnn | Specifies the octal values that change the permissions on the file or directory. The first octal value on the left sets the special permissions on the file. See Table 51-7 for the list of valid octal values for the special permissions. |
filename | Is the file or directory. |
Verify the permissions of the file have changed.
```
$ ls -l filename
```
The following example sets setuid permission on the dbprog file.
```
$ chmod 4555 dbprog
$ ls -l dbprog
-r-sr-xr-x   1 db       staff      12095 May  6 09:29 dbprog
```
The following example sets setgid permission on the dbprog2 file.
```
$ chmod 2551 dbprog2
$ ls -l dbprog2
-r-xr-s--x   1 db       staff      24576 May  6 09:30 dbprog2
```
The following example sets sticky bit permission on the pubdir directory.
```
$ chmod 1777 pubdir
```
Find files with setuid permissions set by using the find command.
```
# find directory -user root -perm -4000 -exec ls -ldb {} \; >/tmp/filename
```
Display the results in /tmp/filename.
If you need background information about setuid permissions, see "setuid Permission".
```
# find / -user root -perm -4000 -exec ls -ldb {} \; > /tmp/ckprm
# cat /tmp/ckprm
-r-sr-xr-x 1 root bin 38836 Aug 10 16:16 /usr/bin/at
-r-sr-xr-x 1 root bin 19812 Aug 10 16:16 /usr/bin/crontab
---s--x--x 1 root sys 46040 Aug 10 15:18 /usr/bin/ct
-r-sr-xr-x 1 root sys 12092 Aug 11 01:29 /usr/lib/mv_dir
-r-sr-sr-x 1 root bin 33208 Aug 10 15:55 /usr/lib/lpadmin
-r-sr-sr-x 1 root bin 38696 Aug 10 15:55 /usr/lib/lpsched
---s--x--- 1 root rar 45376 Aug 18 15:11 /usr/rar/bin/sh
-r-sr-xr-x 1 root bin 12524 Aug 11 01:27 /usr/bin/df
-rwsr-xr-x 1 root sys 21780 Aug 11 01:27 /usr/bin/newgrp
-r-sr-sr-x 1 root sys 23000 Aug 11 01:27 /usr/bin/passwd
-r-sr-xr-x 1 root sys 23824 Aug 11 01:27 /usr/bin/su
#
```
An unauthorized user (rar) has made a personal copy of /usr/bin/sh, and has set the permissions as setuid to root. This means that rar can execute /usr/rar/bin/sh and become the privileged user. If you want to save this output for future reference, move the file out of the /tmp directory.
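Spotting an entry such as /usr/rar/bin/sh by eye gets harder as the listing grows. The following script is an added example, not part of the original guide: it compares a saved `ls -ldb` listing against a baseline of approved setuid programs and prints only the paths that are not approved. The function names `new_setuid` and `demo` and the baseline file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original guide): report setuid files that are
# missing from an approved baseline. Names and the baseline are assumptions.

# new_setuid LISTING BASELINE
#   LISTING  - "ls -ldb" lines, such as the /tmp/ckprm file written by find
#   BASELINE - one approved absolute path per line
new_setuid() {
    awk '
        FILENAME == ARGV[1] { approved[$0] = 1; next }  # load baseline paths
        substr($1, 4, 1) ~ /[sS]/ {                     # setuid shows as s or S
            path = $0
            # Drop the 8 leading ls fields; the rest is the path, spaces kept.
            for (i = 1; i <= 8; i++) sub(/^ *[^ ]+ +/, "", path)
            if (!(path in approved)) print path
        }
    ' "$2" "$1"
}

# demo: run the check on a few lines of the listing shown above.
demo() {
    tmp=$(mktemp -d) || return 1
    # Listing lines taken from the example output above.
    cat > "$tmp/ckprm" <<'EOF'
-r-sr-xr-x 1 root bin 38836 Aug 10 16:16 /usr/bin/at
---s--x--- 1 root rar 45376 Aug 18 15:11 /usr/rar/bin/sh
-r-sr-sr-x 1 root sys 23000 Aug 11 01:27 /usr/bin/passwd
-r-sr-xr-x 1 root sys 23824 Aug 11 01:27 /usr/bin/su
EOF
    # Constructed baseline: the setuid programs this site has approved.
    cat > "$tmp/baseline" <<'EOF'
/usr/bin/at
/usr/bin/passwd
/usr/bin/su
EOF
    new_setuid "$tmp/ckprm" "$tmp/baseline"
    rm -rf "$tmp"
}

demo    # prints /usr/rar/bin/sh
```

Keep the baseline file somewhere only superuser can write, for the same reason the listing should be moved out of /tmp.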