suid - set owner user id on execution
When a suid bit is set on an executable, any non-owner executes that file will temporarily have the owner permission.
Suppose you have two accounts user1 and user2, each user only can write their own home directory.
drwxr-xr-x 2 user1 user1 4096 Mar 27 01:36 user1
drwxr-xr-x 2 user2 user2 4096 Mar 27 01:29 user2Since suid would only work for binary, not shell script. We’re going to create our own executable to experiment the concept.
user1:~$ gcc fopen-example.c -o fopen-example
sudo mv fopen-example /usr/local/bin/
Create an executable called fopen-example and put it to /usr/local/bin
-rwxr-xr-x 1 user1 user1 8800 Mar 27 01:35 /usr/local/bin/fopen-exampleLogin to user2 to execute fopen-example it should output “Could not open file for writing” because user2 DOES NOT have the permission to write user1 ‘s home directory.
Then we set the suid bit to fopen-example
sudo chmod u+s /usr/local/bin/fopen-exampleAnd then login to user2 to try again, file.txt should be generated successfully.
