Special Permission

SUID

Every command we give to the bash shell is nothing but a binary file, and these are stored in the directories /bin or /sbin. Not all of these commands can be executed by normal users. When root gives a normal user permission to execute this type of command (a system binary file) by setting the SUID bit, the command runs with the privileges of the file's owner rather than those of the user who started it. This special permission is called SUID.

Example: A normal user cannot shut down the system. Root can give users permission to shut down the system.

[ root@localhost root]# chmod u+s /sbin/shutdown

[ root@localhost root]# ls -l /sbin/shutdown

-rwsr--r-- 2 root root shutdown

=> Now a normal user can also shut down the computer. In the listing above, the 's' in place of the owner's 'x' shows that the binary file "shutdown" has the SUID permission.

SGID

SGID is another special permission, described here as it applies to a directory.

Consider a group called grp1 and a directory called dir1.

[ root@localhost root]# ls -ld dir1

drwxr--r-- 1 root grp1 dir1

[ root@localhost root]# cd dir1

If root now creates a file inside the directory, the group name of the new file will be "root". Suppose the file name is "f1", i.e.

[ root@localhost dir1]# ls -l f1

-rwxr--r-- root root f1

But root wants each new file to get the same group name as the directory at the time the file is created. For that, the directory must have the SGID permission.

[ root@localhost root]# chmod g+s dir1

[ root@localhost root]# ls -ld dir1

drwxr-sr-- root grp1 dir1

=> Here "s" means that the directory has the SGID permission.

[ root@localhost root]# cd dir1

[ root@localhost dir1]# touch f2

[ root@localhost dir1]# ls -l f2

-rwxr--r-- root grp1 f2

=> Here the root user creates the file inside the dir1 directory, but the group name of the file f2 is grp1.

STICKYBIT

With the STICKYBIT permission set on a directory, other users can read, write and execute files in the directory, but they cannot delete the files. This permission applies only to directories.

[ root@localhost root]# chmod o+t dir1

[ root@localhost root]# ls -ld dir1

drwxr--r-t root root dir1

=> Here 't' means that the directory "dir1" has the STICKYBIT permission. Other users can read, write and execute, but can't delete any file inside the directory.

TO REMOVE THE PERMISSION:

[ root@localhost root]# chmod u-s /sbin/shutdown

[ root@localhost root]# chmod g-s dir1

[ root@localhost root]# chmod o-t dir1
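
An added example (not part of the original page): a shell audit that lists which files carry the SUID and SGID bits and which world-writable directories lack the sticky bit, run here on a constructed temporary tree. The function names, the sample file names and the allowlist file format are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit a tree for the SUID, SGID and sticky bits.

# Regular files with SUID set (octal 4000, 's' in the owner triplet).
list_suid() {
    find "$1" -xdev -type f -perm -4000 2>/dev/null | sort
}

# Files and directories with SGID set (octal 2000, 's' in the group triplet).
list_sgid() {
    find "$1" -xdev \( -type f -o -type d \) -perm -2000 2>/dev/null | sort
}

# World-writable directories that lack the sticky bit (octal 1000, 't').
list_writable_no_sticky() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 2>/dev/null | sort
}

# Print SUID files under $1 that are not named in allowlist file $2
# (one path per line, hypothetical format); return 1 if any are found.
check_suid_allowlist() {
    unexpected=$(list_suid "$1" | grep -Fxv -f "$2" || true)
    if [ -n "$unexpected" ]; then
        printf '%s\n' "$unexpected"
        return 1
    fi
    return 0
}

# Build a constructed sample tree (hypothetical names) to run the audit on.
make_sample_tree() {
    t=$(mktemp -d)
    mkdir "$t/dir1" "$t/shared" "$t/open"
    touch "$t/tool" "$t/plain"
    chmod 4755 "$t/tool"      # SUID, same effect as chmod u+s
    chmod 2775 "$t/dir1"      # SGID, same effect as chmod g+s
    chmod 1777 "$t/shared"    # world-writable with the sticky bit
    chmod 0777 "$t/open"      # world-writable, no sticky bit: reported
    echo "$t"
}

# Run the audit on the constructed tree and clean up.
tree=$(make_sample_tree)
echo "SUID:"; list_suid "$tree"
echo "SGID:"; list_sgid "$tree"
echo "World-writable without sticky bit:"; list_writable_no_sticky "$tree"
rm -rf "$tree"
```

On a real system the same functions can be pointed at / and the SUID list compared against a reviewed allowlist, so that a newly appearing SUID binary stands out.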