Skip to main content

SUID with example

SUID is Set owner User ID.

 When SUID is used?
Eg: You are a Super administator and can run commands like "fdisk -l" from root user.
But what if in your absence, you want this command to run by a normal user.
"fdisk -l" will not give any output when run with normal user account.

 One option is to give sudors permission to the normal user and then user can run the command. But there is risk in this. Sudoers will allow normal user to run all the root commands.

 To prevent this and allow the normal user to run only one command, SUID is used. After setting SUID for /sbin/fdisk, then normal user will be get the result for "fdisk -l"
SUID info:

 Permission Number : 4

 To set SUID:
# chmod u+s <filename>

 To remove SUID:
# chmod u-s <filename>

 Eg:
Before permission of /sbin/fdisk
ls -l /sbin/fdisk
-rwxr-xr-x 1 root root 267176 Aug  5 06:55 /sbin/fdisk

 Setting SUID for /sbin/fdisk
#chmod u+s /sbin/fdisk

 Now permission of /sbin/fdisk will be
ls -l /sbin/fdisk
-rwsr-xr-x 1 root root 267176 Aug  5 06:55 /sbin/fdisk


 You will notice S in the owner permission.


Note:
You can also use numeric value to set SUID.

 To set
chmod 4755 /sbin/fdisk

To unset
chmod 0755 /sbin/fdisk



Labels:

Comments

Post a Comment

Popular posts from this blog

Ansible script to stop iptables

 Ansible script to stop iptables and disable during boot Step 1. [root@cluster playbooks]# pwd /root/playbooks [root@cluster playbooks]# cat hosts [webservers] 169.254.41.221 169.254.41.222 Step2. [root@cluster playbooks]# cat iptables.yml --- - name: stop ipatbles and disable   hosts: webservers   tasks:   - name: stop iptables     service: name=iptables state=stopped   - name: disbale on iptable on boot     service: name=iptables enabled=no Step3: [root@cluster playbooks]# ansible-playbook iptables.yml PLAY [stop ipatbles and disable] *********************************************** TASK [setup] ******************************************************************* ok: [169.254.41.222] ok: [169.254.41.221] ok: [localhost] TASK [stop iptables] *********************************************************** changed: [localhost] ok: [169.254.41.221] ok: [169.254.41.222] TASK [disbale on iptable on boot] *********************************...
Post a Comment
Read more

Understanding TCP & UDP

 TCP (Transmission Control Protocol) is stateful. This means it maintains a connection state between the communicating parties throughout the communication session. Stateful Nature of TCP Connection Establishment : TCP requires a connection to be established between the sender and receiver before data transmission can begin. This is done through a process called the three-way handshake. Three-Way Handshake : This process involves the exchange of three messages (SYN, SYN-ACK, and ACK) to establish a reliable connection. Maintaining State : During the connection, TCP keeps track of various parameters to ensure reliable and ordered data delivery. Sequence Numbers : TCP assigns sequence numbers to each byte of data to ensure it is received in the correct order. Acknowledgements (ACKs) : The receiver sends acknowledgements for the received data packets. If an ACK is not received, the sender retransmits the data. Flow Control : TCP uses a window mechanism to control the rate of data tran...
Post a Comment
Read more

Get information about remote hosts using Ansible

Get information about remote hosts using Ansible setup command Below command gives all the information of client hosts which includes memory, server architecture, IP adresses etc. [root@ansible mywork]# ansible all -i hosts -m setup If you need just memory information of remote node then for the above command need to add filter as shown below [root@ansible mywork]# ansible all -i hosts -m setup -a "filter=ansible_*_mb" node01 | SUCCESS => {     "ansible_facts": {         "ansible_memfree_mb": 873,         "ansible_memory_mb": {             "nocache": {                 "free": 919,                 "used": 77             },             "real": {                 "free": 873,           ...
Post a Comment
Read more