FACTOID # 15: Most people live in poverty in most African countries.
 
 Home   Encyclopedia   Statistics   Countries A-Z   Flags   Maps   Education   Forum   FAQ   About 
 
WHAT'S NEW
RECENT ARTICLES
More Recent Articles »
 

FACTS & STATISTICS    Simple view

  1. Select countries to view: (hold down Control key and click to select several)

     

     

    Compare:

     

     
  1. Select fact or statistic: (* = graphable)

     

     

     

  2. (OPTIONAL) Compare to statistic: (both need to be graphable)

     

     

     

  3. View result as:

     

       
(OR) SEARCH ALL encyclopedia, stats & forums:   

Encyclopedia > Setgid

Setuid is a UNIX term, and is short for "Set User ID." Setuid, also sometimes referred to as "suid," is an access right flag that can be assigned to files and directories on a UNIX based operating system. The setuid flag is mostly used to allow users on a computer system to execute binary executables with temporarily elevated privileges in order to perform a specific task. It has been suggested that this article or section be merged with Unix-like. ... It has been suggested that this article or section be merged with Unix-like. ... In computing, an operating system (OS) is the system software responsible for the direct control and management of hardware and basic system operations. ...


Setuid is needed for tasks that require higher privileges than what a common user has, such as changing his or her login password. Some of the tasks that require elevated privilege may not immediately be obvious, though -- such as the ping command, which must send and listen for control packets on a network interface. ping in a Windows 2000 command window Ping is the name of a computer network tool used on TCP/IP networks (such as the Internet). ... The Internet Control Message Protocol (ICMP) is part of the Internet protocol suite and defined in RFC 792. ...


When a binary executable file owned by root has been given the setuid attribute, normal users on the system can execute this file and gain root privileges within the created process. When root privileges have been gained within the process, the application can then perform tasks on the system that regular users normally would be restricted from doing. On many computer operating systems, superuser is the term used for the special user account that is controlled by the system administrator. ... On many computer operating systems, superuser is the term used for the special user account that is controlled by the system administrator. ... Process (lat. ... Process (lat. ...


While the setuid feature is very useful in many cases, it can however pose a security risk if the setuid attribute is assigned to executable programs that are not carefully designed. Users can exploit vulnerabilities in flawed programs to gain permanent elevated privileges. An exploit is a common term in the computer security community to refer to a piece of software that takes advantage of a bug, glitch or vulnerability, leading to privilege escalation or denial of service on a computer system. ...


There is also a Setgid flag, which is short for "Set Group ID." This attribute will allow for changing the group based privileges within a process, like the setuid flag does for user based privileges.


External links

  • Setuid Demystified (pdf)

  Results from FactBites:
 
SETGID (192 words)
This allows a setgid (other than root) program to drop all of its group privileges, do some un-privileged work, and then re-engage the original effective group ID in a secure manner.
If the user is root or the program is setgid root, special care must be taken.
The setgid function checks the effective gid of the caller and if it is the superuser, all process related group ID’s are set to gid.
UNIX File Permissions (1234 words)
The effect of running an executable with a setuid bit is to change the effective user ID of the process to the user that owns the file; similarly the setgid bits causes the effective group ID of the process to be set to the group of the file.
Similarly, games are sometimes made setgid to the "games" group, which is used to control write access to high score files and other such administrivia.
Conversely if you have 'x' but not 'r' then you will not be able to list the files in it, but if you happen to know their names then you will still be able to access them, and you will be able to "cd" into the directory.
  More results at FactBites »


 

COMMENTARY     


Share your thoughts, questions and commentary here
Your name
Your comments
Please enter the 5-letter protection code

Want to know more?
Search encyclopedia, statistics and forums:
 


Lesson Plans | Student Area | Student FAQ | Reviews | Press Releases |  Feeds | Contact
The Wikipedia article included on this page is licensed under the GFDL.
Images may be subject to relevant owners' copyright.
All other elements are (c) copyright NationMaster.com 2003-5. All Rights Reserved.
Usage implies agreement with terms.