Althrough the effect of set-user-id and set-group-id bit on files is well known to unixers, their effect on directories is not broadly understood.
In linux, you can issue 'chmod u+s item' to set the suid bit on 'item', and 'chmod g+s item' to set the sgid bit. And then, you can check the permissions using 'ls -l'. The suid/sgid bit will be displayed as a 's' on the execution bit if the item has executable permission or as a 'S' otherwise. Suid and Sgid can also set using digital form of chmod, aka, 'chmod 4xxx item' to set suid bit and 'chmod 2xxx item' to set sgid bit. In addition, you can use 'chmod [u|g]+t item' or 'chmod 1xxx' to set the sticky bit. BTW, the sticky bit of a plain file is usually ignored in modern unixes.
The effect of suid/sgid bit on directories is that the items created under these directories would be owned by the parent's owner or group owner automatically.
This is especially useful when a group of users want to share some directories with each other but not anyone else. In such a case user should set their umask to 007 and make the shared directories owned by their group and with set-group-id bit set. Example applications include cvs/svn repositories.
没有评论:
发表评论