
I am on Linux Mint.

I have added the SUID bit to a script using the following command:

chmod u+s script.sh

as confirmed by ll (ls -laF):

ll (ls -laF) output

Now, if I login using another user, I can't execute the script.sh file; I get a "Permission denied" error:

screenshot: execution of ./script.sh gets "Permission denied"

What am I doing wrong?

AFAIK, SUID allows anybody to execute the program as the owner.


1 Answer


Short answer: you haven’t given execute permission to anybody but the file’s owner.  The mode is currently 4764.  The last two digits have to be 5 or 7 for it to be executable by others.

    Use 4755.  It’s rare that you want a file to be writable by people other than the owner.  There are cases where you want this, but the default should be NN44, NN55 or NN11 (or less) unless you can justify making the file writable.

    Setuid files should never never ever be writable by anybody other than the file’s owner.

The rest of the answer: setuid (usually) doesn’t work on scripts, so, even if you chmod the script to 4755 and give the other user execute permission, it will run as the user that invoked it, not as the owner of the file.

  • So, if it were any kind of executable, like a compiled C file, then the SUID bit would allow other users to execute the file as the file owner. Correct?
    – Cody
    Commented Jun 20, 2021 at 1:31
  • Right.  Provided the low-order bits of the mode allow the other user to execute the file in the first place. Commented Jun 20, 2021 at 1:35
  • That I didn't understand. If the lower bits need to allow other users to execute the file first, then what's the need for SUID?
    – Cody
    Commented Jun 20, 2021 at 1:39
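
The checks the answer walks through (execute bits for non-owners, write bits for non-owners, setuid on a script), as an added example that is not part of the original question or answer. The function names `audit_mode` and `audit_path` are hypothetical, and the modes in the demo are constructed from the values quoted on this page (4764 and 4755).

```python
import os
import stat


def audit_mode(mode: int, is_script: bool) -> dict:
    """Evaluate permission bits the way the answer does for a setuid file."""
    perms = stat.S_IMODE(mode)          # keep only the four octal digits
    setuid = bool(perms & stat.S_ISUID)
    group_x = bool(perms & stat.S_IXGRP)
    other_x = bool(perms & stat.S_IXOTH)
    non_owner_w = bool(perms & (stat.S_IWGRP | stat.S_IWOTH))

    findings = []
    if not (group_x and other_x):
        # Execute permission is checked before setuid is ever considered.
        findings.append("group/others lack execute: 'Permission denied'")
    if setuid and non_owner_w:
        findings.append("setuid file writable by someone other than the owner")
    if setuid and is_script:
        # Linux ignores the setuid bit on '#!' interpreted files.
        findings.append("setuid on a script: runs as the invoking user")

    return {
        "octal": format(perms, "04o"),
        "setuid": setuid,
        "others_can_execute": other_x,
        "non_owner_writable": non_owner_w,
        "findings": findings,
    }


def audit_path(path: str) -> dict:
    """Audit a real file; a leading '#!' marks it as an interpreted script."""
    st = os.stat(path)
    with open(path, "rb") as fh:
        is_script = fh.read(2) == b"#!"
    return audit_mode(st.st_mode, is_script)


if __name__ == "__main__":
    # Constructed inputs: the question's mode and the answer's suggestion.
    samples = [
        ("script.sh as posted", 0o4764, True),
        ("compiled binary, 4755", 0o4755, False),
    ]
    for label, mode, script in samples:
        result = audit_mode(mode, script)
        print(label, result["octal"], result["findings"] or "ok")
```

The execute bits decide who may start the program at all; the setuid bit only changes whose identity a permitted, compiled executable runs under.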
