Every program on CentOS runs within the environment of a user account regardless of whether the program is executed by a user or run as an automated system process. However, sometimes we want the program to run with different restrictions and access those rights the account is allowed. For example, a user should be able to use the passwd command to reset their password. The command needs write access to /etc/passwd but we don't want the user running the command to have such access. This recipe teaches you how setting a program's SUID and SGID permission bits allows it to execute within the environment of a different user.