Unlock Linux File Permissions: Master SUID, SGID, and Advanced Find Commands

Introduction

Linux file permissions are represented by three characters (rwx) for read, write, and execute. For example, -rwxr-xr-x /etc/nginx/nginx.conf corresponds to the numeric mode 755.

Permission Basics

When inspecting /etc/shadow, you may see -rwsr-xr-x. The extra s indicates a special permission bit.

SUID, SGID, and Sticky Bit

SUID (Set User ID) allows a program to run with the file owner's privileges, commonly used by passwd. SGID (Set Group ID) grants the executing user the file's group privileges and can also apply to directories. The sticky bit (often called SBIT) prevents unauthorized users from deleting or renaming files they do not own. Numerically, SUID = 4, SGID = 2, Sticky = 1, so a mode like 4755 includes the SUID bit.

Using find to Locate Files

The find command can filter files by various criteria. For example, to list files with any of the special bits set: find / -perm +7000 This searches for files with the ---s--s--t pattern.

Finding by Name or Regex

find . -name test.txt

To locate all PDF books: find ./yang/books -name "*.pdf" Adding -type f restricts the search to regular files:

find ./yang/books -type f -name "*.pdf"

Finding by Timestamps

Linux tracks three timestamps:

atime : last access time.

mtime : last modification time of file content.

ctime : last change time of file metadata (owner, permissions, etc.).

Examples: find . -type f -atime +365 Find files modified exactly 5 days ago (no + sign): find . -type f -mtime 5 Search files with ctime between 5 and 10 days ago:

find . -type f -ctime +5 -ctime -10

Finding by Size

The -size option accepts units:

b: 512‑byte blocks (default)

c: bytes

w: two‑byte words

k: kilobytes

M: megabytes

G: gigabytes

Example to find files between 10 MB and 1 GB:

find . -type f -size +10M -size -1G

Finding by Permissions

Use -perm to match exact permission bits. For instance, to list all files with 777 permissions: find . -type f -perm 777 This returns files readable, writable, and executable by owner, group, and others.

Conclusion

Understanding Linux permission bits and mastering the find command empowers administrators to efficiently locate and manage files based on ownership, timestamps, size, and security attributes.