Appendix A. SUID and SGID Files
The Set-User ID (SUID) and Set-Group ID (SGID) bits allow an application to be run as the user or group that owns the application. In most cases, the owner is root. The main reason for this is to give users the capability to modify files or have access to resources that require special privileges. The unfortunate aspect of this is that such applications can often be exploited to perform malicious operations or used to access private information. SUID and SGID files should not be treated lightly. Administrators should know which files on their system are SUID or SGID, especially those owned by root. The security implications of SUID and SGID files are covered in more detail in Chapter 4, “What Is This UNIX Thing?,” ...
Get Mac® OS X Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.