Permissions (Part 2)

LPIC-1, Linux

4/16/2026

1. SUID (Set User ID) (s)

When the SUID bit is set on an executable, any user who runs that file will execute it with the permissions of the file's owner (usually root), rather than their own.

  • Symbolic representation: rws------ (The s replaces the x in the owner field).

  • Numerical value: 4000

The Example: /usr/bin/passwd

In Linux, user passwords are stored in /etc/shadow, a file that only the root user can write to for security reasons. However, a regular user needs to be able to change their own password.

  1. A user runs the passwd command.

  2. Because the passwd binary has the SUID bit set and is owned by root, the command runs with root privileges.

  3. This allows the command to temporarily "reach into" /etc/shadow and update the password.

  4. Once the command finishes, the user returns to their normal, restricted permissions.

2. SGID (Set Group ID) (s)

SGID has two different behaviors depending on whether it is applied to a file or a directory.

On a File

Similar to SUID, the file executes with the permissions of the group that owns the file.

  • Symbolic: r-xr-sr-x (The s is in the group field).

  • Numerical: 2000

On a Directory (The most common use)

This is used for collaboration. When SGID is set on a directory, any new files or subdirectories created inside it will inherit the Group ID of the parent directory, rather than the primary group of the user who created the file.

The Example: Shared Project Folder

Imagine a team of developers working in a folder called /projects/alpha.

  • The folder is owned by the group devs.

  • Without SGID: If User A (group devs) creates a file, the group ownership might default to User A's private group, making it hard for User B to edit it.

  • With SGID: Any file User A creates will automatically be owned by the devs group, ensuring everyone in that group has the necessary access immediately.

3. The "Sticky Bit" (t)

The example: /tmp directory

When using ls -ld /tmp, you’ll see rwxrwxrwt. That t at the end means that even if a user has w and x permissions on the directory, they can only delete (or rename) files that they personally own; the directory's owner and root are the exceptions. This prevents users from deleting each other's work in shared folders.

Summary Comparison

Special Bit   Numerical   Symbolic   Main Effect
SUID          4000        u+s        File runs as the Owner.
SGID          2000        g+s        File runs as the Group (or new files inherit the Group).
Sticky Bit    1000        o+t        Only the owner can delete files in that directory.

Note: If you see a capital S (e.g., rwS---), it means the bit is set, but the underlying execution (x) permission is missing. For the bit to actually function, the file must also be executable (lowercase s).

Symbolic vs. Numeric

You can set the same bit either symbolically (chmod u+s file) or numerically (chmod 4755 file).

  • Use Symbolic (chmod g+s) when you only want to change one specific thing without touching the rest.

  • Use Numeric (chmod 2755) when you want to "reset" the entire permission string to a specific state.
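To tie the numeric values, the symbolic s/S/t/T letters and the capital-S note together, here is an added POSIX shell example (not part of the original notes): it decodes a numeric mode into the ls-style string, and includes a find-based audit function, with the directory argument as an assumption, that lists files carrying special bits and flags SUID/SGID bits that cannot function because the matching x bit is missing.

```shell
#!/bin/sh
# Decode a numeric mode such as 4755 into the ls-style string (rwsr-xr-x),
# applying the capital-S rule: s/t only when the matching x bit is set.

# rwx_triplet DIGIT [s|t]  -> prints one three-character field, e.g. rws / rwS
rwx_triplet() {
    d=$1; special=$2
    r='-'; w='-'; x='-'
    [ $((d & 4)) -ne 0 ] && r='r'
    [ $((d & 2)) -ne 0 ] && w='w'
    [ $((d & 1)) -ne 0 ] && x='x'
    if [ -n "$special" ]; then
        # special bit present: lowercase if executable, uppercase if not
        if [ "$x" = 'x' ]; then x=$special
        else x=$(printf '%s' "$special" | tr 'st' 'ST'); fi
    fi
    printf '%s%s%s' "$r" "$w" "$x"
}

# mode_to_symbolic MODE  -> e.g. "4644" prints rwSr--r--
mode_to_symbolic() {
    mode=$1
    while [ ${#mode} -lt 4 ]; do mode="0$mode"; done   # 755 -> 0755
    sp=$(printf '%s' "$mode" | cut -c1)
    u=$(printf '%s' "$mode" | cut -c2)
    g=$(printf '%s' "$mode" | cut -c3)
    o=$(printf '%s' "$mode" | cut -c4)
    us=''; gs=''; os=''
    [ $((sp & 4)) -ne 0 ] && us='s'   # 4000 SUID   -> owner field
    [ $((sp & 2)) -ne 0 ] && gs='s'   # 2000 SGID   -> group field
    [ $((sp & 1)) -ne 0 ] && os='t'   # 1000 sticky -> others field
    printf '%s%s%s\n' "$(rwx_triplet "$u" "$us")" \
                      "$(rwx_triplet "$g" "$gs")" \
                      "$(rwx_triplet "$o" "$os")"
}

# audit_special_bits DIR  -> defender check over a real filesystem tree
# (DIR is assumed; defaults to /): lists every file carrying a special bit,
# then those where SUID/SGID is set without the matching x bit (capital S).
audit_special_bits() {
    dir=${1:-/}
    echo "== SUID/SGID/sticky under $dir =="
    find "$dir" -xdev \( -perm -4000 -o -perm -2000 -o -perm -1000 \) \
        -exec ls -ld {} + 2>/dev/null
    echo "== SUID/SGID set but not executable (capital S) =="
    find "$dir" -xdev \( \( -perm -4000 ! -perm -0100 \) \
        -o \( -perm -2000 ! -perm -0010 \) \) -exec ls -ld {} + 2>/dev/null
}
```

Run mode_to_symbolic 4644 to see the rwS case from the note, and audit_special_bits /usr/bin to compare against what ls -l shows for passwd.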

Quick refresher

4000 - SUID - e.g. changing the password as a regular user. The binary runs as the file's owner, usually root - u+s

2000 - SGID (file) - The binary runs as the file's group - g+s

2000 - SGID (directory) - New files inherit the directory's group; used for collaborative file sharing under that directory - g+s

1000 - Sticky bit - Users can't delete other users' files under that directory - o+t