Linux has three special permission bits:
- SUID
- SGID
- Sticky Bit
They add behaviour on top of the normal r, w and x bits.
1. SUID (Set User ID)
SUID makes an executable run with the file owner's privileges (the process gets the owner's effective user ID), not those of the user who launched it.
Example:
- a normal user runs the command
- the process executes as the file owner
Usually the owner is root.
Example
ls -l /usr/bin/passwd
Output (mode field):
-rwsr-xr-x
Notice:
s
in place of the owner execute x
Meaning:
rws
The process runs with the owner's identity for as long as it lives. A lowercase s means both SUID and execute are set; an uppercase S means SUID is set but execute is not, so the bit can never take effect (usually a botched chmod).
Why?
A normal user cannot write to:
/etc/shadow
But the password command:
passwd
must update it.
So passwd is installed SUID root: it runs as root while it changes the password, whoever invokes it.
Set SUID
Symbolic:
chmod u+s file
Octal:
chmod 4755 file
4 = SUID
Caveat: the Linux kernel ignores SUID and SGID on interpreted scripts (anything started through a #! line), so setting the bit on a shell script does nothing; it only takes effect on native binaries.
2. SGID (Set Group ID)
On an executable, SGID makes the process run with the file's group (effective group ID), not the caller's.
On directories:
- new files inherit the directory's group instead of the creator's primary group
- new subdirectories inherit the group and get SGID themselves
Very useful for team folders.
Example
mkdir project
chmod g+s project
Check:
ls -ld project
Output:
drwxr-sr-x
Now files created inside inherit the directory's group.
Example
touch project/app.py
The new file gets the project directory's group automatically, regardless of the creating user's primary group.
Useful for:
- DevOps team
- shared deployments
- web projects
Set SGID
Symbolic:
chmod g+s folder
Octal:
chmod 2755 folder
2 = SGID
For a folder the team actually writes to, use 2775 so the group also has write permission; 2755 gives the group read and traverse only.
3. Sticky Bit
Used on directories (Linux ignores it on regular files).
In a sticky directory a file can be deleted or renamed only by the file's owner, the directory's owner, or root.
Even though the directory is writable by everyone.
Example
ls -ld /tmp
Output:
drwxrwxrwt
Notice:
t
Why?
Everyone can write in:
/tmp
But one user must not be able to delete or rename another user's files.
The sticky bit enforces that.
Set Sticky Bit
Symbolic:
chmod +t shared/
Octal:
chmod 1777 shared/
1 = Sticky Bit
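The three procedures above, run end to end on a scratch tree. This is an added example, not code from the original post: the helper names (mode_of, group_of, demo_tree) are this example's own, every path is constructed under mktemp, and it assumes a Linux box with chmod, ls, awk and mktemp. Beyond the three basic settings it also shows the uppercase S and T forms (bit set but the execute bit it rides on is missing) and that a subdirectory created inside an SGID directory inherits the SGID bit.

```shell
#!/bin/sh
# Added example, not from the original post: build a scratch tree, set each
# special bit with the chmod forms above, and read the mode back exactly as
# `ls -l` prints it. Helper names (mode_of, group_of, demo_tree) are this
# example's own; all paths are constructed under mktemp.

# mode_of PATH -> the 10-character type+permission field of `ls -ld`
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# group_of PATH -> owning group as `ls -ld` prints it (4th field)
group_of() {
    ls -ld "$1" | awk '{ print $4 }'
}

# demo_tree -> prints the path of a freshly built scratch tree
demo_tree() {
    t=$(mktemp -d)

    # SUID: owner's execute slot becomes a lowercase s (leading octal digit 4)
    printf '#!/bin/sh\necho hi\n' > "$t/tool"
    chmod 4755 "$t/tool"                 # -rwsr-xr-x

    # SUID with owner execute missing shows an uppercase S: the bit is set
    # but can never take effect, usually the result of a botched chmod
    printf '#!/bin/sh\necho hi\n' > "$t/broken"
    chmod 4644 "$t/broken"               # -rwSr--r--

    # SGID directory: group's execute slot becomes s; files created inside
    # take the directory's group, and subdirectories inherit the s bit too
    mkdir "$t/project"
    chmod 2775 "$t/project"              # drwxrwsr-x (group-writable team dir)
    : > "$t/project/app.py"
    mkdir "$t/project/sub"

    # Sticky bit: others' execute slot becomes t; an uppercase T means the
    # bit is set but others lack execute, so they cannot enter the directory
    mkdir "$t/shared" "$t/odd"
    chmod 1777 "$t/shared"               # drwxrwxrwt
    chmod 1776 "$t/odd"                  # drwxrwxrwT

    printf '%s\n' "$t"
}

# Stand-alone run: list every mode string side by side, then clean up
root=$(demo_tree)
for p in tool broken project project/app.py project/sub shared odd; do
    printf '%-10s %-8s %s\n' "$(mode_of "$root/$p")" "$(group_of "$root/$p")" "$p"
done
rm -rf "$root"
```

The S and T rows are the ones worth remembering when reading an `ls -l` listing: the bit is present in the inode but inert, which is almost always a mistake worth fixing rather than a deliberate configuration.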
Quick Octal Table
| Number | Permission |
|---|---|
| 4 | SUID |
| 2 | SGID |
| 1 | Sticky Bit |
The digits add up, so 6755 sets both SUID and SGID on top of 755.
Real-World Usage
passwd
/usr/bin/passwd
uses SUID.
Shared DevOps folder
/srv/project
uses SGID.
Temp directory
/tmp
uses Sticky Bit.
Important Security Note
Be careful with SUID (and SGID).
A SUID-root executable that can be made to run arbitrary commands, read or write arbitrary files, or load attacker-controlled code gives:
- privilege escalation
- root access
Check SUID files:
find / -type f -perm -4000 2>/dev/null
Check SGID files too:
find / -type f -perm -2000 2>/dev/null
Compare the list against a known-good baseline for the distribution; an unexpected entry, especially a SUID copy of a shell, editor or interpreter, is a classic backdoor.
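The check above turned into a small, repeatable audit. This is an added example, not code from the original post: the helper names (find_setuid_setgid, find_writable_no_sticky, new_since_baseline, build_sample_tree) are this example's own, the sample tree is constructed under mktemp rather than taken from a real system, and it assumes POSIX find, comm, chmod and mktemp. It goes slightly beyond the post's single find by also listing world-writable directories that lack the sticky bit and by diffing the SUID/SGID list against a saved baseline.

```shell
#!/bin/sh
# Added example, not from the original post: audit the three special bits.
# Helper names (find_setuid_setgid, find_writable_no_sticky,
# new_since_baseline, build_sample_tree) are this example's own; the sample
# tree is constructed, not copied from any real system.

# Executables that run as another user or group. Every entry is a privilege
# boundary and should be on a known-good list.
find_setuid_setgid() {
    # -xdev: stay on one filesystem; -type f: skip directories (an SGID
    # directory is normal); -perm -4000 / -perm -2000: "these bits are set"
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null | sort
}

# World-writable directories without the sticky bit: any user can delete or
# rename any other user's files there.
find_writable_no_sticky() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 2>/dev/null | sort
}

# new_since_baseline BASELINE_FILE ROOT -> SUID/SGID files not in the
# baseline (a sorted list saved earlier, e.g. right after installation).
new_since_baseline() {
    find_setuid_setgid "$2" | comm -13 "$1" -
}

# Constructed sample tree for trying the functions; prints its path.
build_sample_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/bin" "$t/shared" "$t/dropbox" "$t/home"
    : > "$t/bin/suid_tool"; chmod 4755 "$t/bin/suid_tool"   # should be listed
    : > "$t/bin/sgid_tool"; chmod 2755 "$t/bin/sgid_tool"   # should be listed
    : > "$t/bin/plain";     chmod 0755 "$t/bin/plain"       # ordinary binary
    chmod 0755 "$t/bin" "$t/home"
    chmod 1777 "$t/shared"    # world-writable with sticky bit: fine, like /tmp
    chmod 0777 "$t/dropbox"   # world-writable, no sticky bit: flag it
    printf '%s\n' "$t"
}

# Stand-alone run on the constructed tree; pass a real root such as / as the
# first argument to audit a live system.
root=${1:-$(build_sample_tree)}
echo "SUID/SGID executables under $root:"
find_setuid_setgid "$root"
echo "World-writable directories without the sticky bit under $root:"
find_writable_no_sticky "$root"
```

Keep the baseline file somewhere the audited host cannot modify (a read-only mount or a separate machine), otherwise an attacker who plants a SUID shell can simply add it to the baseline as well.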
Easy Memory Trick
- SUID = run as owner
- SGID = run with group / inherit group
- Sticky = only owner can delete