Verify on your system that the directories dot and dot-dot are not the same, except in the root directory
The root directory:
vagrant@control01:/$ ls -ail
total 97
2 drwxr-xr-x 24 root root 4096 Feb 21 20:28 .
2 drwxr-xr-x 24 root root 4096 Feb 21 20:28 ..
Elsewhere, the directories dot and dot-dot are not the same:
vagrant@control01:~$ ls -ail
total 64
3145730 drwxr-xr-x 5 vagrant vagrant 4096 Feb 22 05:08 .
3145729 drwxr-xr-x 3 root root 4096 Aug 24 08:48 ..
3145730: the first is the directory itself (so it contains some data about directory permissions)
3145729: the second is the parent directory
The UNIX System guarantees that every process has a unique numeric identifier called the process ID. The process ID is always a non-negative integer
Directories cannot have hard links
Unix permits you to give files many names ("links"), but not directories. You are not allowed to create a hard link to a directory. Each directory inode is allowed to appear once in exactly one parent directory and no more. Every sub-directory only has one parent directory, and that means the special name ".." (dot-dot) in a sub-directory always refers unambiguously to its unique parent directory.
Each subdirectory adds one to the link count
A directory may have sub-directories. Since the special name ".." (dot-dot) in every one of those sub-directories is a link to the inode number of the parent directory, the link count of the parent directory is increased by one for every sub-directory the parent contains. (Remember - the link count counts how many name-inode maps point to this inode, and that includes the special "." (dot) and ".." (dot-dot) name-inode maps!) A directory with five sub-directories will show a link count of 2+5=7.
The sticky bit is used to indicate special permissions for files and directories.
A directory with the sticky bit enabled restricts deletion of the files inside it.
A file there can be removed by root, the owner of the file, or a user who has write permission on it.
This is useful for publicly accessible directories like /tmp.
What is SUID (setuid)?
If the SUID bit is set on a file and a user executes it, the process will have the same rights as the owner of the file being executed.
For example:
The passwd command has the SUID bit enabled. When a normal user changes his password, the command updates a few system files like /etc/passwd and /etc/shadow, which can't be updated by a non-root account. So the passwd command process always runs with root user rights.
$ ls -lrt /usr/bin/passwd
-rwsr-xr-x 1 root root 54256 May 16 2017 /usr/bin/passwd
$ ls -lrt /etc/shadow
-rw-r----- 1 root shadow 994 Aug 24 2018 /etc/shadow
$ ls -lrt /bin/su
-rwsr-xr-x 1 root root 40128 May 16 2017 /bin/su
https://tecadmin.net/understanding-sticky-bit-suid-and-sgid-in-linux/
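An added example (not from these notes or the linked article): a Python script that walks a directory tree and reports the two conditions described above, regular files carrying the SUID or SGID bit and world-writable directories that lack the sticky bit. The function names classify_mode and audit and the default path /usr/bin are assumptions of this example.

```python
import os
import stat
import sys

def classify_mode(mode):
    """Return the special-permission findings for one st_mode value."""
    findings = []
    if stat.S_ISREG(mode) and mode & stat.S_ISUID:
        findings.append("setuid")          # shown by ls as an 's' in the owner triplet
    if stat.S_ISREG(mode) and mode & stat.S_ISGID:
        findings.append("setgid")          # shown by ls as an 's' in the group triplet
    if stat.S_ISDIR(mode) and mode & stat.S_IWOTH and not mode & stat.S_ISVTX:
        # Anyone may create files here, and without the sticky bit ('t')
        # anyone may also delete or rename files that belong to other users.
        findings.append("world-writable-no-sticky")
    return findings

def audit(root):
    """Walk root; return sorted (finding, ls-style mode, owner uid, path) tuples."""
    report = []
    for dirpath, _dirs, files in os.walk(root):   # os.walk does not follow symlinked dirs
        for path in [dirpath] + [os.path.join(dirpath, f) for f in files]:
            try:
                st = os.lstat(path)               # lstat: judge the link, not its target
            except OSError:
                continue                          # vanished or unreadable entry
            for finding in classify_mode(st.st_mode):
                report.append((finding, stat.filemode(st.st_mode), st.st_uid, path))
    return sorted(report)

if __name__ == "__main__":
    # Default path is an assumption; pass any directory as the first argument.
    for finding, mode, uid, path in audit(sys.argv[1] if len(sys.argv) > 1 else "/usr/bin"):
        print(f"{finding:26} {mode} uid={uid} {path}")
```

A setuid row with uid=0 is a program that runs with root rights for any caller, like the passwd and su entries listed above, so each such row is worth comparing against a known baseline.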