Setuid

The Unix and Linux access rights flags setuid and setgid (short for set user identity and set group identity)[1] allow users to run an executable with the file system permissions of the executable's owner or group respectively and to change behaviour in directories. They are often used to allow users on a computer system to run programs with temporarily elevated privileges to perform a specific task. While the assumed user id or group id privileges provided are not always elevated, at a minimum they are specific.

The flags setuid and setgid are needed for tasks that require different privileges than what the user is normally granted, such as the ability to alter system files or databases to change their login password.[2] Some of the tasks that require additional privileges may not immediately be obvious, though, such as the ping command, which must send and listen for control packets on a network interface.

  1. ^ von Hagen, William (2010-05-13). Ubuntu Linux Bible. pp. 3–59. ISBN 9780470881804.
  2. ^ Frisch, Æleen (2009-02-09). Essential system administration. O'Reilly. p. 351. ISBN 9780596550493.