Linux CLIscripting~10 mins

Special permissions (setuid, setgid, sticky bit) in Linux CLI - Step-by-Step Execution

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Concept Flow - Special permissions (setuid, setgid, sticky bit)

Start

↓

Check file permissions

↓

Is setuid bit set?

Yes→Run file with owner's permissions

↓

Execute normally

↓

Is setgid bit set?

Yes→Run file with group's permissions

↓

Execute normally

↓

Is sticky bit set?

Yes→Restrict deletion in directory

↓

Normal deletion rules

↓

End

This flow shows how Linux checks special permission bits on files or directories and changes behavior accordingly.

Execution Sample

Linux CLI

ls -l /usr/bin/passwd
chmod u+s /usr/bin/passwd
ls -l /usr/bin/passwd

Shows the setuid bit on the passwd command, then sets it and shows the change.

Execution Table

Step	Command	Action	Output Example	Effect
1	ls -l /usr/bin/passwd	Check current permissions	-rwxr-xr-x 1 root root 54256 Apr 10 12:00 /usr/bin/passwd	No special bits set
2	chmod u+s /usr/bin/passwd	Set setuid bit		Setuid bit added
3	ls -l /usr/bin/passwd	Check permissions again	-rwsr-xr-x 1 root root 54256 Apr 10 12:00 /usr/bin/passwd	s in user execute means setuid active
4	Run /usr/bin/passwd as normal user	Execute file	Runs with root permissions	User temporarily has root rights for this program
5	chmod g+s /some/dir	Set setgid bit on directory		New files inherit group ownership
6	chmod +t /tmp	Set sticky bit on directory		Only owner can delete files inside
7	ls -ld /tmp	Check sticky bit	drwxrwxrwt 10 root root 4096 Apr 10 12:00 /tmp	t at end means sticky bit set
8	Try deleting file owned by another user in /tmp	Attempt deletion	Permission denied	Sticky bit prevents deletion by others
9	Exit			End of demonstration

💡 Demonstration ends after showing effects of setuid, setgid, and sticky bit.

Variable Tracker

Variable	Start	After Step 2	After Step 3	After Step 5	After Step 6
/usr/bin/passwd permissions	-rwxr-xr-x	-rwsr-xr-x	-rwsr-xr-x	-rwsr-xr-x	-rwsr-xr-x
/some/dir permissions	drwxr-xr-x	drwxr-xr-x	drwxr-xr-x	drwxr-sr-x	drwxr-sr-x
/tmp permissions	drwxrwxrwx	drwxrwxrwx	drwxrwxrwx	drwxrwxrwx	drwxrwxrwt

Key Moments - 3 Insights

Why does the 's' appear in the user execute position after setting setuid?

How does the sticky bit prevent file deletion in a directory?

What effect does setgid have on a directory?

Visual Quiz - 3 Questions

Test your understanding

Look at the execution table at step 3, what does the 's' in '-rwsr-xr-x' mean?

ASticky bit is set, file cannot be deleted

BSetuid bit is set, file runs with owner's permissions

CSetgid bit is set, file runs with group's permissions

DNo special permissions are set

Concept Snapshot

Special permissions in Linux modify file or directory behavior:
- setuid (user execute 's'): runs file as owner
- setgid (group execute 's'): runs file as group or sets group on new files in dir
- sticky bit ('t' on dir): restricts file deletion to owners
Use chmod u+s, g+s, +t to set these bits.
Check with ls -l (look for s or t in permissions).

Full Transcript

This lesson shows how Linux special permissions setuid, setgid, and sticky bit work. First, we check a file's permissions with ls -l. Then we set the setuid bit using chmod u+s, which changes the user execute permission to 's'. This means when the file runs, it runs with the file owner's permissions, not the user's. Next, we set the setgid bit on a directory with chmod g+s, so new files inherit the directory's group. Finally, we set the sticky bit on a directory with chmod +t, which prevents users from deleting files they do not own inside that directory. We verify these changes with ls -l and test effects like permission denied on deletion. The visual tables track permission changes step-by-step and explain how these bits affect file and directory behavior.