File permission "s"

Discussion in 'all things UNIX' started by wat0114, Oct 22, 2012.

Thread Status:
Not open for further replies.
  1. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,985
    Location:
    Canada
    Checking file permissions, I notice
    Code:
    -rw[color=darkred]s[/color]r-xr-x 1 root root
    on the executable chrome-sandbox. From what I briefly researched, it seems to imply giving the user temporary root permissions? Is this true and if so, why is it necessary?
     
  2. BrandiCandi

    BrandiCandi Guest

    See this link for a simple explanation: http://content.hccfl.edu/pollock/aunix1/filepermissions.htm

    Therefore the "s" showing indicates that root has executable and SUID rights. The link also explains what SUID is if you don't know.
     
  3. BrandiCandi

    BrandiCandi Guest

    But no, the thing you're showing is owned by root. The normal user couldn't use it unless they elevated their privileges.
     
  4. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,985
    Location:
    Canada
    Group and Other can still execute, though. I just wonder what is special about the "s" permission that User has. Thanks!
     
  5. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    It's necessary because the Chrome-sandbox has to have root to actually go into sandbox mode. Once it chroots it then drops those privileges. Info here: https://code.google.com/p/setuid-sandbox/
     
  6. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,985
    Location:
    Canada
    Excellent, thanks chronomatic :)
     
Thread Status:
Not open for further replies.