Special Permission


All the command what ever we give to bash shell, it is nothing but a binary file, which all are stored in the directory called /bin or /sbin. Again all the commands are could not execute by the normal users. If root gives the permission to normal user to execute this type of command (system binary file), is called SUID.

Example: Normal user can not shutdown the system. Now root can give the permission to user to shutdown the system.

[ root@localhost root]# chmod u+s /sbin/shutdown

[ root@localhost root]# ls -l /sbin/shutdown

-rwsr--r-- 2 root root shutdown

ð Now, user also can shutdown the computer. In the above command we find that in the 'x' position, replace 's' means that the binary file "shutdown" have SUID permission.


SGID is another special permission of the directory only.

Consider, any group called grp1 and a directory called dir1.

[ root@localhost root]# ls -l dir1

drwxr--r-- 1 root grp1 dir1

[ root@localhost root]# cd dir1

If now root create any file inside the directory, then the group's name of new file will be "root". Consider the file name is "f1". i.e.

[ root@localhost dir1]# ls -l f1

-rwxr--r-- root root f1

But root wants same group's name of the file as the group's name of the directory at when the file will be created. Then the directory must need having the SGID permission.

[ root@localhost root]# chmod g+s dir1

[ root@localhost root]# ls -l dir1

drwxr-sr-- root grp1 dir1

ð Here "s" means that the directory have SGID permission.

[ root@localhost root]# cd dir1

[ root@localhost dir1]# touch f2

[ root@localhost dir1]# ls -l f2

-rwxr--r-- root grp1 f2

ð Here root user creates the file inside the dir1 directory but the group name of the file f2 is grp1.


By the STICKYBIT permission of the directory, other user can read, write and execute files of the directory. But they can't delete the files. This permission is only for directory.

[ root@localhost root]# chmod o+t dir1

[ root@localhost root]# ls -l dir1

drwxr--r-t root root dir1

ð Here 't' means that directory "dir1" have STICKYBIT permission. Other user can read, write and execute but can't delete any file from inside the directory.


[ root@localhost root]# chmod u-s /sbin/shutdown

[ root@localhost root]# chmod g-s dir1

[ root@localhost root]# chmod o-s dir1