2.5 Given a scenario, apply the appropriate access controls

Question 1

What does the Set User ID (SUID) permission allow?

Answer 1

Runs the program using the permissions of the owner, regardless of which user executes it

Question 2

What are 2 common uses for the Set User ID (SUID) permission?

Answer 2

1. Allow users to run certain commands that normally require root access
2. Some programs don’t run well if not run with root permissions

Question 3

When viewing file permissions, what indicates that SUID/GUID permissions are set?

Answer 3

there is an “s”, instead of “x” or “-“ in the permissions
i.e. -r-sr-sr–

Question 4

What does the Set Group ID (SGID) permission do?

Answer 4

Runs the program using the permissions of the group owner

Question 5

What are the 2 ways to modify the SUID/GUID permission of a file/directory

Answer 5

1. Using numeric permissions (4 for user, 2 for group) with chmod
   i.e. chmod 4770 [file/directory name]
2. Using chmod u+s [file/directory name]

Question 6

What does setting the sticky bit on a file/directory do?

Answer 6

Prevents deletion of files by anyone except the owner

Question 7

When viewing file permissions, what indicates that the sticky bit is set?

Answer 7

a “t”, in the place for execute permission
i.e. -rw-rw-r-T

Question 8

What is a common use for the sticky bit?

Answer 8

To prevent users from deleting others’ files in a shared directory. Assigning “write” permission to a group for a directory also allows any member to delete any other file.

Question 9

What are 2 ways to assign the sticky bit?

Answer 9

1. numeric value 1, i.e. chmod 1774 [file/directory name]
2. chmod o-t [file/directory name]