Wednesday, March 6, 2019

the directories dot and dot-dot

Verify on your system that the directories dot and dot-dot are not the same, except in the root directory

the root directory
vagrant@control01:/$ ls -ail
total 97
      2 drwxr-xr-x  24 root    root     4096 Feb 21 20:28 .
      2 drwxr-xr-x  24 root    root     4096 Feb 21 20:28 ..


the directories dot and dot-dot are not the same
vagrant@control01:~$ ls -ail
total 64
3145730 drwxr-xr-x 5 vagrant vagrant 4096 Feb 22 05:08 .
3145729 drwxr-xr-x 3 root    root    4096 Aug 24 08:48 ..

3145730
The first is the directory itself (so it contain some data about directory permissions)
3145729
the second is the parent directory


The UNIX System guarantees that every process has a unique numeric identifier called the process ID. The process ID is always a non-negative integer


Directories cannot have hard links
Unix permits you to give files many names ("links"),but, not directories
You are not allowed to create a hard link to a directory
Each directory inode is allowed to appear once in exactly one parent directory and no more
every sub-directory only has one parent directory, and that means the special name ".." (dot dot) in a sub-directory always refers unambiguously to its unique parent directory.

Each subdirectory adds one to the link count

A directory may have sub-directories. Since the special name ".." (dot dot) in every one of those sub-directories is a link to the inode number of the parent directory, the link count of the parent directory is increased by one for every sub-directory the parent contains. (Remember - the link count counts how many name-inode maps point to this inode, and that includes the special "." (dot) and ".." (dot dot) name-inode maps!) A directory with five sub-directories will show a link count of 2+5=7.


  • What is Sticky Bit?

The sticky bit is used to indicate special permissions for files and directories.
If a directory with sticky bit enabled will restrict deletion of the file inside it.
It can be removed by root, owner of the file or who have to write permission on it.
This is useful for publically accessible directories like /tmp.

What is SUID (setuid)?
If SUID bit is set on a file and a user executed it. The process will have the same rights as the owner of the file being executed.
For example: passwd command have SUID bit enabled. When a normal user changes his password this script update few system files like /etc/passwd and /etc/shadow which can’t be updated by non-root account. So that passwd command process always run with root user rights.

$ ls -lrt /usr/bin/passwd
-rwsr-xr-x 1 root root 54256 May 16  2017 /usr/bin/passwd
$ ls -lrt /etc/shadow
-rw-r----- 1 root shadow 994 Aug 24  2018 /etc/shadow
$ ls -lrt /bin/su
-rwsr-xr-x 1 root root 40128 May 16  2017 /bin/su

https://tecadmin.net/understanding-sticky-bit-suid-and-sgid-in-linux/

No comments:

Post a Comment