1. setuid
setuid #权限位作用于属主的位置 可执行的权限位 执行这条命令的时候,相当于这条命令的所有者 root
#数字 4xxx 表示
#用 s 表示
[root@CentOS7 ~]#ll /usr/bin/passwd
-rwsr-xr-x. 1 root root 27832 Jun 10 2014 /usr/bin/passwd
[root@CentOS7 ~]#ll /usr/bin/rm
-rwxr-xr-x. 1 root root 62952 Oct 31 2018 /usr/bin/rm
#普通用户没有权限用删除命令删除目录
[root@CentOS7 ~]#su - zzc
Last login: Fri Jul 24 12:09:44 CST 2020 on pts/0
[zzc@CentOS7 ~]$rm -rf /opt
rm: cannot remove ‘/opt’: Permission denied
[zzc@CentOS7 ~]$logout
#root用户给删除命令加上setuid权限,普通用户可以随意删除
[root@CentOS7 ~]#chmod u+s /usr/bin/rm
[root@CentOS7 ~]#su - zzc
Last login: Fri Jul 24 15:00:35 CST 2020 on pts/1
[zzc@CentOS7 ~]$rm -rf /opt
[zzc@CentOS7 ~]$ll /opt
ls: cannot access /opt: No such file or directory
#普通用户不能使用yum,命令,即使添加了setuid的权限也不行
[root@CentOS7 ~]# ll /usr/bin/yum
-rwxr-xr-x. 1 root root 801 Nov 5 2018 /usr/bin/yum
[root@CentOS7 ~]# su - zzc
Last login: Fri Jul 24 15:55:33 CST 2020 on pts/0
[zzc@CentOS7 ~]$ yum install -y sl
Loaded plugins: fastestmirror
You need to be root to perform this command.
[zzc@CentOS7 ~]$ yum install -y vim
Loaded plugins: fastestmirror
You need to be root to perform this command.
[zzc@CentOS7 ~]$ logout
[root@CentOS7 ~]# chmod u+s /usr/bin/yum
[root@CentOS7 ~]# ll /usr/bin/yum
-rwsr-xr-x. 1 root root 801 Nov 5 2018 /usr/bin/yum
[root@CentOS7 ~]# su - zzc
Last login: Fri Jul 24 16:02:12 CST 2020 on pts/0
[zzc@CentOS7 ~]$ yum install -y sl
Loaded plugins: fastestmirror
You need to be root to perform this command.
[zzc@CentOS7 ~]$ yum install -y vim
Loaded plugins: fastestmirror
You need to be root to perform this command.
# setuid 权限是以4开头
[root@CentOS7 ~]# ll /usr/bin/cd
-rwxr-xr-x. 1 root root 26 Oct 31 2018 /usr/bin/cd
[root@CentOS7 ~]# stat /usr/bin/cd
File: ‘/usr/bin/cd’
Size: 26 Blocks: 8 IO Block: 4096 regular file
Device: 803h/2051d Inode: 50334565 Links: 1
Access: (0755/-rwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2018-10-31 01:07:12.000000000 +0800
Modify: 2018-10-31 01:07:12.000000000 +0800
Change: 2020-07-06 09:29:42.649290051 +0800
Birth: -
[root@CentOS7 ~]# ll /usr/bin/yum
-rwsr-xr-x. 1 root root 801 Nov 5 2018 /usr/bin/yum
[root@CentOS7 ~]# stat /usr/bin/yum
File: ‘/usr/bin/yum’
Size: 801 Blocks: 8 IO Block: 4096 regular file
Device: 803h/2051d Inode: 50610581 Links: 1
Access: (4755/-rwsr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2020-07-24 16:04:05.042980493 +0800
Modify: 2018-11-05 09:53:57.000000000 +0800
Change: 2020-07-24 16:03:30.146981288 +0800
Birth: -
#大S 和 小s的区别
#拥有x执行权限,设置setuid之后是小s
[root@CentOS7 ~]# ll file.txt
-rwxr--r-- 1 root root 16 Jul 24 11:51 file.txt
[root@CentOS7 ~]# chmod u+s file.txt
[root@CentOS7 ~]# ll file.txt
-rwsr--r-- 1 root root 16 Jul 24 11:51 file.txt
#没有x执行权限,设置setuid之后是大S
[root@CentOS7 ~]