B.10. Lab B.10: Find SUID and SGID Files in Linux
This lab requires a Linux workstation.
In addition to standard permissions, Linux contains two special permissions that can pose security risks. The first permission, SUID, makes anyone running the file the user that created the file, so if root created the file, the user running it becomes root during its execution. The second permission, SGID, makes anyone running the file a temporary member of the group associated with the file.
Because these permissions are so powerful, you need to routinely monitor the files in which they are set. To file all SUID and SGID files on the system, follow these steps:
From the desktop, choose Programs Accessories Terminal.
NOTE
Your menu choices might differ ...
Get CompTIA Security+™ Deluxe: Study Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
