
LAB-PERM-05 - SUID, SGID, and Sticky Bit

Understand what the special permission bits are for, recognize them in the wild, and practice the safer ones without creating risky binaries.

40 min | Advanced | Linux | Curriculum-reviewed

Success criteria
  • Recognize SUID, SGID, and sticky bit in permission output.
  • Explain when SGID and sticky bit are useful.

Safety notes
  • Do not create custom root-owned SUID binaries while learning. Observe existing ones and practice SGID or sticky bit in sandboxes instead.

Part A: The Field Guide

Special permission bits adjust the normal permission model in specific cases.

The three most important ones are:

  • SUID on executables
  • SGID on shared directories
  • sticky bit on shared writable directories

The key learning goal is not to use them everywhere. It is to understand why they exist and how to recognize them safely.

What they do

  • SUID lets a program run with the file owner’s effective identity
  • SGID on a directory helps new files inherit the directory’s group
  • sticky bit helps prevent users from deleting each other’s files in a shared writable directory

Safety Boundary

Inspect existing SUID programs, but do not practice by creating your own privileged binaries. That crosses into risk without adding much beginner value.


Part B: The Drill Deck

Terminal required: focus on reading and low-risk directory practice.

Guided: step by step, type exactly this and compare the result

Exercise G1: Spot SUID on an existing binary

  1. Run ls -l /usr/bin/passwd
  2. Look for the s in the owner execute position
  3. Explain in simple terms why a password-changing program may need extra privilege

Exercise G2: Spot sticky bit on /tmp

  1. Run ls -ld /tmp
  2. Look for the trailing t
  3. Explain why a shared writable directory needs protection against cross-user deletion

Exercise G3: Practice SGID on a sandbox directory

  1. Run mkdir -p ~/special_bits_lab/teamdir
  2. Run ls -ld ~/special_bits_lab/teamdir
  3. Run chmod g+s ~/special_bits_lab/teamdir
  4. Run ls -ld ~/special_bits_lab/teamdir
  5. Notice the s in the group execute position

You are not trying to build a production collaboration directory here. You are learning to recognize the bit and what it is for.
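The checks from G1 to G3 can also be scripted with the shell's own file tests (-u, -g, -k) instead of reading ls output by eye. The script below is an added example, not part of the original lab; special_bits and sandbox_demo are hypothetical helper names, and the sandbox is a mktemp directory rather than ~/special_bits_lab.

```bash
#!/usr/bin/env bash
# Added example: report special permission bits with the shell's file tests.
# special_bits and sandbox_demo are hypothetical names, not part of the lab.

# Print which special bits are set on a path: suid, sgid, sticky, or none.
special_bits() {
    local path=$1 found=""
    [ -e "$path" ] || { echo "missing"; return 1; }
    [ -u "$path" ] && found="$found suid"     # s in the owner execute position
    [ -g "$path" ] && found="$found sgid"     # s in the group execute position
    [ -k "$path" ] && found="$found sticky"   # trailing t
    found=${found# }                          # drop the leading space
    echo "${found:-none}"
}

# Repeat G3 in a throwaway sandbox and add a sticky directory beside it.
# No SUID bit is set anywhere, and the sandbox is removed at the end.
sandbox_demo() {
    local lab
    lab=$(mktemp -d) || return 1              # private (0700) parent directory
    mkdir "$lab/teamdir" "$lab/dropbox"
    echo "teamdir before: $(special_bits "$lab/teamdir")"
    chmod g+s "$lab/teamdir"                  # SGID on a shared directory
    chmod 1777 "$lab/dropbox"                 # sticky and world-writable, like /tmp
    echo "teamdir after:  $(special_bits "$lab/teamdir")"
    echo "dropbox:        $(special_bits "$lab/dropbox")"
    # On typical Linux filesystems a new subdirectory inherits the SGID bit.
    mkdir "$lab/teamdir/sub"
    echo "teamdir/sub:    $(special_bits "$lab/teamdir/sub")"
    rm -rf "$lab"
}

# Observation only: the paths from G1 and G2 are read, never modified.
for p in /usr/bin/passwd /tmp; do
    if [ -e "$p" ]; then
        echo "$p: $(special_bits "$p")"
    fi
done
sandbox_demo
```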

Solo: task described, hints available, figure it out

Exercise S1: Translate the markers

Explain what each permission string is signaling:

  1. -rwsr-xr-x
  2. drwxrwsr-x
  3. drwxrwxrwt

Exercise S2: Sticky bit reasoning

Why is sticky bit more appropriate on a shared temporary directory than on an ordinary private directory? Answer in words.

Mission: real scenario, no hints, combine multiple skills

Mission M1: Find existing SUID files safely

Construct a command that searches for files with the SUID bit set, but keep the task observational.

Hints:

  • search from /
  • limit to files
  • suppress noisy permission errors

The goal is not to change anything. The goal is to inspect the system and recognize where this mechanism is already being used.