HPE Community
Operating System - HP-UX
1752800 Members
5954 Online
108789 Solutions
New Discussion юеВ

Re: what is the action of this command.

 
unixguy_1
Regular Advisor

тАО02-10-2009 10:21 PM

тАО02-10-2009 10:21 PM

what is the action of this command.


Hi,

chmod 6750 /opt/oracle/oraepm

Pls guide me what's the meaning of 6750 permission command?


pls anyone helpme out.

Regards,
Unixguy.
0 Kudos
Reply
6 REPLIES 6
Jeeshan
Honored Contributor

тАО02-10-2009 10:31 PM

тАО02-10-2009 10:31 PM

Re: what is the action of this command.

it may look like the following permissions

-rwsr-s---

SUID and SGID bit coexist here.
a warrior never quits
0 Kudos
Reply
sujit kumar singh
Honored Contributor

тАО02-10-2009 10:38 PM

тАО02-10-2009 10:38 PM

Re: what is the action of this command.

hi


please observe the following:
# pwd
/var/sujit
# chmod 2750 /var/sujit/sujit1
# ll
total 327264
dr-xr-xr-x 38 root sys 8192 Jan 19 20:45 etc
-rw------- 1 root sys 167550976 Jan 19 20:43 etc.back
drwxr-s--- 3 root sys 96 Feb 11 11:56 sujit1
# chmod 4750 /var/sujit/sujit1
# ll
total 327264
dr-xr-xr-x 38 root sys 8192 Jan 19 20:45 etc
-rw------- 1 root sys 167550976 Jan 19 20:43 etc.back
drwsr-x--- 3 root sys 96 Feb 11 11:56 sujit1
# chmod 6750 /var/sujit/sujit1
# ll
total 327264
dr-xr-xr-x 38 root sys 8192 Jan 19 20:45 etc
-rw------- 1 root sys 167550976 Jan 19 20:43 etc.back
drwsr-s--- 3 root sys 96 Feb 11 11:56 sujit1
#


this simultaneosusly does set the SUID and SGID ..


regards
sujit
0 Kudos
Reply
unixguy_1
Regular Advisor

тАО02-10-2009 10:43 PM

тАО02-10-2009 10:43 PM

Re: what is the action of this command.

Hi ahsan,

it will set the Set User-ID and Set Group ID Permissions.

ok can you give the full details about the permissions,
iam asking the special permission.

Pls anyone helpme out

Thanks,
Unixguy.

0 Kudos
Reply
Jeeshan
Honored Contributor

тАО02-10-2009 10:58 PM

тАО02-10-2009 10:58 PM

Re: what is the action of this command.

SUID - u+s and numeric is 4
SGID - g+s and numeric is 2

for more info

#man chmod
a warrior never quits
0 Kudos
Reply
sujit kumar singh
Honored Contributor

тАО02-11-2009 12:11 AM

тАО02-11-2009 12:11 AM

Re: what is the action of this command.

Hi


IF you want to knoe aboy setting the SGID, SUID and Sticky Bit Permissions on a file then Ahsan has given you all the possible indications.

just to add what Ahsan says and technically making no difference::

#chmod u+t
OR
#chmod 1XXX
sets the Sticky Bit permission.


#chmod g+s
OR
#chmod 2XXX
sets the SGID

#chmod u+s
OR
#chmod 4XXX

sets the SUID

The setting of SUID and SGID is about to give the Effective permission to a file when this will be executed by other users, during Execution the processess shall take the Effective UID and GID that of the user set and not that of the user executing the file.

Beware as you use SUID and SGID(as called the Special Permissions), this can be drastic somtime that a normal use can execute that file with the SuperUser cpabilities.



regards
sujit
0 Kudos
Reply
Ganesan R
Honored Contributor

тАО02-11-2009 12:27 AM

тАО02-11-2009 12:27 AM

Re: what is the action of this command.

Hi Unixguy,

Here is some explanations about SUID and SGID.

We use the chmod command to set these special permissions to a file. If you are using a
symbolic method, use u+s for setting SETUID and g+s for setting SETGID. In case you use
octal numbers, add a fourth octal digit on the left-hand side of the file permissions. Digit 4
represents SETUID and 2 represents SETGID. Examples of symbolic and octal number use
are given below.
$ ll file1
-rwxrwxrwx 1 boota users 0 Sep 8 18:06 file1
$ chmod u+s file1
$ ll file1
-rwsrwxrwx 1 boota users 0 Sep 8 18:06 file1
$ chmod 2777 file1
$ ll file1
-rwxrwsrwx 1 boota users 0 Sep 8 18:06 file1
$
As you can see, "x" is replaced by "s" in the file permission representation with either SUID or
SGID.

The SUID bit plays an important role when you want to execute a program with higher
privileges. For example, when you change your password, you modify the /etc/passwd file.
Only root has permission to modify this file, so how can every system user modify it? This
becomes possible because the command you use for a password change (/bin/passwd) is
owned by root and has the SETUID bit set. So whenever any user executes this command, the
command runs as root and has the privilege to modify the /etc/passwd file.
This also causes a great security problem. For example, if you have a program with the SUID
bit set, anybody executing that program gets the privileges of the owner of the program during
the execution of that program. Now, if by chance you also allow write permission to that
program file, someone can change the contents of the program and execute it with the owner
privilege. Just imagine if someone has write permission to a file owned by root and the
SETUID bit is in place, the user can change its contents with some other command to damage
the whole file system!
Best wishes,

Ganesh.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.