What is SUID bit or special permission in Linux?

In this article, you will learn about what is suid permission in Linux.

The SUID stands for Set User IDentification. It is also known as SUID bit. It is special permission basically for a file, but we can also give this permission to the directory on the user permission section. The SUID is a kind of permission that we give temporarily to a user to run a program or file with the permission of the file owner.

You can say that the user will obtain the file owner’s permissions as well as owner UID and GID while executing a file, program, or command.

Example of SUID

A regular user can not modify the /etc/passwd and /etc/shadow file. Only the root user has permission to modify these files. If a normal user can not modify these files, so how can he/she change the password for his/her account?

Even if you give the full permission to access these files, then the command will not work. In this situation, SUID comes to work. The passwd command is set with SUID to give root user permissions to a standard user so that it can update /etc/shadow and other files. You can take a look at the passwd command file permission in the below picture.

passwd file

Giving the SUID permission

If you want to change the file or directory permissions, then there is a command, which is known as chmod command. The chmod is the short form of change mode. And, using this command, you can set the SUID permission. There are two modes to use this command.

  1. Symbolic mode
  2. Absolute or (Numerical/Octal) mode

Symbolic mode

Symbolic modes represent changes to files’ permissions as operations on single-character symbols.

You can also look below, so you can understand it easily.

rwx +s = rws (Small s means, the user has both execute and special permission)

rw- +s = rwS (Capital S means, the user has only special permission)

For example, I am creating a file with the name demofile using the touch command. And then I will give special permission, i.e. capital S. Let’s have a look.

touch demofile
chmod u+s demofile
suid permission linux
Create a file and then give the special permission.

Note: If you want to give execute, and special permission to the file demofile to the user section, then you have to give the execute permission using the below command.

chmod u+x demofile
Giving the execute permission after special permission to the demofile.

Absolute mode or Numerical or Octal mode

In absolute mode, we use numbers to represent SUID permission (the method most commonly used to set permissions). And the number four (4) is used for it. To read more about this numerical method, you understand essential permission. Just for the brief, the same command for special permission will be as below.

chmod 4644 demofile

Here, 4 for special permission,

6 for read and write permission for owner.

4 for read permission of the group

And last 4 for read permission of the other users.

Now If you want to give the execute permission then it will be

chmod 4744 demofile

How to find all the SUID set file in Linux/Unix

find / -perm /4000

Here, I am looking for SUID set files in / (root partition or root directory). If you are looking to another place, then change the / with your specific location.

Conclusion

In this tutorial, you learned about SUID permission in Linux. It is special permission. We don’t generally need it, but you must know it. I hope you understand but, if you have any questions, you can ask in the comment section.

Also, you can further read,

Leave a Reply