Executable files in Linux
In GNU/Linux systems the type of a file is determined by its contents: a script begins with “#!/bin/sh”, an MP3 file with “ID3”, an MPEG file with the 0xBA hex code, and so on. The file extension is therefore irrelevant: if I rename test.mp3 to test.exe or test.txt, its data doesn’t change, so it is still an MP3 file and is still recognized as one (see the file command!).
Executable files are recognizable by their data, but they can be executed only if their execute permission bit is set (do you know about the permission bitmask?). If the executable bit is set, and the file is an executable format recognized by the running kernel, the application starts.
An executable runs with the permissions of the caller: if you run an application as a user, the application has the permissions of that user. If the user is “root”, the application can do anything root can do!
Certain executables can therefore be run only with root permissions, because they may edit a configuration file or something similar. Such an application can do its job only if it was started by the administrator (root).
If an application needs superuser privileges but should be runnable by any user, the executable file has an extra permission bit: the SUID bit (Set User ID). When this bit is set, the permissions at run time don’t depend on the caller of the application, but on the file owner (do you know about file owner/group?). So if an application has the SUID bit set and is owned by root, any user who runs the SUID executable runs the application with root privileges.
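The checks described above (type from content, execute bit, SUID bit and file owner) can be combined into one small inspection script. This is an added example, not part of the original article; the function names, the ELF entry and the default paths are assumptions of the example.

```python
import os
import stat

# Leading bytes ("magic") for the types the article mentions, plus ELF,
# the native Linux binary format (added here; the article does not name it).
MAGIC = [
    (b"\x7fELF", "ELF executable"),
    (b"#!", "script"),
    (b"ID3", "MP3 audio (ID3 tag)"),
    (b"\x00\x00\x01\xba", "MPEG program stream"),  # start code ends in 0xBA
]

def classify(data: bytes) -> str:
    """Identify content by its first bytes; the file name is never consulted."""
    for magic, label in MAGIC:
        if data.startswith(magic):
            return label
    return "unknown"

def describe_mode(mode: int, owner_uid: int) -> dict:
    """Decode the bits that decide whether a file may run, and as whom."""
    executable = bool(mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH))
    suid = bool(mode & stat.S_ISUID)
    return {
        "executable": executable,
        "suid": suid,
        # SUID only matters if the file can be executed; with owner uid 0
        # the process then runs with root privileges whoever starts it.
        "suid_root": executable and suid and owner_uid == 0,
    }

def inspect(path: str) -> dict:
    """Combine content type and permission bits for one file on disk."""
    st = os.stat(path)
    with open(path, "rb") as fh:
        head = fh.read(8)
    info = describe_mode(st.st_mode, st.st_uid)
    info["type"] = classify(head)
    return info

if __name__ == "__main__":
    import sys
    # Default paths are assumptions; pass your own files as arguments.
    for p in sys.argv[1:] or ["/bin/sh", "/usr/bin/passwd"]:
        if os.path.exists(p):
            print(p, inspect(p))
```

Files reported with `suid_root` set are the ones worth reviewing on a system, since they run as root for every caller.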
That’s why GNU/Linux systems are harder to break. To modify the system configuration (to introduce viruses, rootkits, backdoors…) you have to break services that run with root privileges; otherwise no one can modify the system. SUID applications are very rare, and often they are secure. However, even if an application runs with root privileges, it is often enclosed in a limited sub-system (called a root jail), which is a minimal system “running” on top of the real system. If the application is broken, it is confined to the minimal system, so it cannot interact with the real running system.