• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • VCS
  • Interview Questions
  • Database
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

Linux / UNIX : How to find files which has SUID/SGID set

by admin

Special Permissions – SUID/SGID

There are two special permissions that can be set on executable files: Set User ID (setuid) and Set Group ID (sgid). These permissions allow the file being executed to be executed with the privileges of the owner or the group. For example, if a file was owned by the root user and has the setuid bit set, no matter who executed the file it would always run with root user privileges.

Finding files with SUID/SGID bit set

We can find all the files with SUID SGID permissions using the find command.

1. To find all files with SUID permissions under root :

# find / -perm +4000

2. To find all files with SGID permissions under root :

# find / -perm +2000

3. we can also combine both find commands in a single find command:

# find / -type f \( -perm -4000 -o -perm -2000 \) -exec ls -l {} \;

Removing SUID/SGID

If you want to remove the SGID and SUID permissions on the files, you can follow the steps below. Once you get the list of files, you remove the security bit using chmod command :
For SUID :

# chmod u-s file_name

For SGID :

# chmod g-s file_name

To recursively do it you can execute the following command :

# for i in `find / -perm +4000`
do
	chmod u-s $i
done

Similarly you can change for sgid files also.

# for i in `find / -perm +2000`
do
	chmod g-s $i
done
Note: It will remove all suid of the files. So be cautious before executing the for loop.
What is SUID, SGID and Sticky bit ?
Linux / UNIX : Examples of find command to find files with specific sets of permissions
UNIX / Linux : What is the correct permission of /tmp and /var/tmp directories

Filed Under: Linux

Some more articles you might also be interested in …

  1. –force V/s –nodeps : rpm command options to install or uninstall a package
  2. How To Identify User Deleting Files From A Given Directory in Linux
  3. conan: open source, decentralized and cross-platform package manager to create and share all your native binaries
  4. bmon Command Examples in Linux
  5. How to Disable TLS 1.1 Cockpit port 9090
  6. update-rc.d Command Examples in Linux
  7. dget: command not found
  8. httpie Command Examples in Linux
  9. CentOS / RHEL 5, 6 : how to disable NetworkManager
  10. Check successful and unsuccessful user login attempts in linux

You May Also Like

Primary Sidebar

Recent Posts

  • gixy Command Examples
  • gitsome Command Examples
  • gitmoji Command Examples
  • gitlint Command Examples

© 2023 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright