What is SUID and how to set SUID in Linux/Unix?

There are some other special permission apart from the normal file permissions read, write and execute which we set with chmod and chown commands. They are SUID, SGID, Sticky Bit, ACL’s, SUDO, SELinux for granular file/folder management by Linux administrator. Today we will see

1) What is SUID?
2) How to set SUID?
3) Where to use SUID?

What is SUID and how to set it in Linux?

SUID (Set owner User ID up on execution) is a special type of file permissions given to a file. Normally in Linux/Unix when a program runs, it inherits access permissions from the logged in user. SUID is defined as giving temporary permissions to a user to run a program/file with the permissions of the file owner rather that the user who runs it. In simple words users will get file owner’s permissions as well as owner UID and GID when executing a file/program/command.

The above sentence is a tricky one and should be explained in-depth with examples.

Learn SUID with examples:

Example1:  passwd command

When we try to change our password we will use passwd command, which is owned by root. This passwd command file will try to edit some system config files such as /etc/passwd, /etc/shadow etc when we try to change our password. Some of these files cannot be opened or viewed by normal user only root user will have permissions. So if we try to remove SUID and give full permissions to this passwd command file it cannot open other files such as /etc/shadow file to update the changes and we will get permission denied error or some other error when tried to execute passwd command. So passwd command is set with SUID to give root user permissions to normal user so that it can update /etc/shadow and other files.

Example2: ping command

Similarly if we take ping command, when we have to execute this command internally it should open socket files and open ports in order to send IP packets and receive IP packets to remote server. Normal users don’t have permissions to open socket files and open ports. So SUID bit is set on this file/command so that whoever executes this will get owner (Root user’s) permissions to them when executing this command. So when this command start executing it will inherit root user permissions to this normal user and opens require socket files and ports.

Example3: crontab and at command

When scheduling the jobs by using crontab or at command it is obvious to edit some of the crontab related configuration files located in /etc which are not writable for normal users. So crontab/at commands are set with SUID in-order to write some data.

How can I setup SUID for a file?

SUID can be set in two ways

1) Symbolic way (s, Stands for Set) 
2) Numerical/octal way (4)

Use chmod command to set SUID on file: file1.txt

Symbolic way:

chmod u+s file1.txt

Here owner permission execute bit is set to SUID with +s

Numerical way:

chmod 4750 file1.txt

Here in 4750, four indicates SUID bit set, seven for full permissions for owner, five for read and execute permissions for group, and no permissions for others.

How can I check if a file is set with SUID bit or not?

Use ls –l to check if the x in owner permissions field is replaced by s or S

For example: Listing file1.txt before and after SUID set

Before setting SUID bit:

ls -l
total 8
-rwxr--r-- 1 xyz xyzgroup 148 Dec 22 03:46 file1.txt

After setting SUID bit:

ls -l
total 8
-rwsr--r-- 1 xyz xyzgroup 148 Dec 22 03:46 file1.txt

Some FAQ’s related to SUID:

A) Where is SUID used?

1) Where root login is required to execute some commands/programs/scripts.

2) Where you don’t want to give credentials of a particular user, but want to run some programs as the owner.

3) Where you don’t want to use SUDO command, but want to give execute permission for a file/script etc.

B) I am seeing ‘S’ I.e. Capital ‘s’ in the file permissions, what is that?

After setting SUID to a file/folder if you see ‘S’ in the file permission area that indicates that the file/folder does not have executable permissions for that user on that particular file/folder.

For example see below example

chmod u+s file1.txt
ls -l
-rwSrwxr-x 1 surendra surendra 0 Dec 27 11:24 file1.txt

If you want to convert this S to s then add executable permissions to this file as show below

chmod u+x file1.txt
ls -l
-rwsrwxr-x 1 surendra surendra 0 Dec 5 11:24 file1.txt

you should see a smaller ‘s’ in the executable permission position now.

SUID with execute permissions:


SUID without execute permissions:


C) How can I find all the SUID set files in Linux/Unix.

find / -perm +4000

The above find command will check all the files which are set with SUID bit (4000).

D) Can I set SUID for folders?

Yes, you can if its required (you should remember one thing that Linux treats everything as a file)

E) What is SUID numerical value?

It has the value 4.

Please comment your thoughts about SUID usage in your company.

Show your love by sharing this..!
Share on VKShare on StumbleUponShare on YummlyPrint this pageFlattr the authorShare on TumblrEmail this to someoneBuffer this pageShare on Google+Share on LinkedInShare on FacebookTweet about this on TwitterPin on PinterestShare on RedditDigg this
The following two tabs change content below.
My name is Surendra Kumar Anne. I hail from Vijayawada which is capital of south Indian state of Andhra Pradesh. I am a Linux evangelist who believes in Hard work, A down to earth person, Likes to share knowledge with others, Loves dogs, Likes photography. I work with ICE systems, Sydney as Sr. Consultant. You can contact me at surendra (@) linuxnix dot com.
  • http://zenettii.myopenid.com/ Zenettii

    On majority of distro’s the ability to suid on scripts (bash, perl etc) is not allowed due to security.
    Where experimenting and testing this for experience, it should be done against a small program that you’re familiar with.

    A great way to test this is to suid on “whoami” command. Try this:

    $ whoami
    $ sudo chmod u+s /usr/bin/whoami
    $ whoami
    $ sudo chmod u-s /usr/bin/whoami


  • Coder

    Your graphical explanation of the difference between capital S and small s was really helpful! Thanks!!!

  • Pingback: What is Sticky bit and how to implement Sticky bit in Linux()

    • Yash

      sticky bit is used in linux for prevent damage by using sticky bit we not able to delete the file for example if a file shared in linux and many users have write and modification permissions then any one can delete the file and the data of other users also deleted in this case we use sticky bit

      for setting sticky bit for a file

      chmod +t “directory path on which u want to apply”

      in numeric

      chmod +1 /tmp

      • http://www.linuxnix.com Surendra Anne

        I dont think chmod +1 /path/to/folder will work

        chmod +1 /opt/Data/sticky/
        chmod: invalid mode: `+1′
        Try `chmod –help’ for more information.

        Did you tried this of your own before posting a comment?

  • Pingback: What is SGID and how to set SGID in Linux? | The Linux Juggernaut()

  • aselvan

    Good explanation. Just a minor correction: your before graphic for “SUID with out execute permissions:” is incorrect. It should be “rw-rwxrwx” so it can become “rwSrwxrwx” after suid added to permission.

    • http://www.linuxnix.com Surendra Anne

      Hi Aselvan,

      The example shows already SUID bit set so its small “s”, I dont think its a wrong GUI. Thanks for taking time and posting your comment.

      • Rama

        Hi good job,its crisp and clear.But i request you to verify a small thing.Mr Selvan is correct.In FAQ "B)"  the second part for "S" occurs for rw-.

  • Pingback: what is suid, sgid, sticky and why we use it ...?()

  • xavi

    I don’t think this is accurate:

    “Normal users don’t have permissions to open socket files and open ports.”

    A regular user can’t open ports under 1024, but they can certainly open ports without being root.

    • http://www.linuxnix.com Surendra Anne

      I agree, but in the post Its not mention any where. It mention as root user permissions are used to open a socket file. do let us know if any sentence is misleading.


  • http://www.redpinesignals.com bharath

    Absolutely fantastic info…. Thanks Suri…

  • Pingback: Kismet | Serba Serbi()

  • http://gravatar.com/klooride klooride

    Thanks! really helpful!

    Just a little comment, at line where you write:
    Here in 4750, 4 indicates SUID bit set, 7 for full permissions for owner, 5 for //write// and execute permissions for group, and no permissions for others.
    Isn’t 5 for read-execute??

    • http://www.linuxnix.com Surendra Anne

      yes.. thanks klooride for heads up. Updated the post.

  • http://cloudwalks.com/ QuickBooks

    Great explanation, it saved me to solving the SUID puzzle.

    Thank you very much.

  • http://gravatar.com/rajshekar007 rajshekar007

    I got your point. But I have a doubt. I hope you clarify it.
    If we want others to execute our file as owner of that file then why not set ‘x’ bit in others permission(–x) of the file instead of setting suid. If there is any advantage in doing so. What is that can you explain.

  • gavin

    find / -xdev ( -perm -4000 ) -type f -print0 | xargs -0 ls -l

  • http://N/A Joel Winkler

      My name is Joel and  I am running a Macintosh  system 10.6.8  and when I tried to repair permissions there are several SUID files that will not be altered ( repaired).   I'm not sure if this is harmful or not I.  I  would appreciate a response in terms of this problem.  Thank you  in advance  for your assistance.


  • Tharindu Edirisinghe

    This post is really informative. Got clear understanding of the suid in linux. Thank you !

  • Ngowda

    Good info to understand setuid.

  • duniaaneh

    Hi Dear, are you genuinely visiting this site on a regular basis, if so after that you will definitely obtain good knowledge.

  • praveen

    thanks much

  • https://www.linkedin.com/pub/dir/Courtney/Jones/us-52-Greater-Atlanta-Area courtney jones atlanta

    visiting this site on a regular basis, if so after that you will definitely obtain good knowledge

  • Łukasz Przeniosło

    Hello there,

    I have a problem with a Qt program and keyboard device (event1). My problem is that keyboard only works in my Qt embedded application if i run it with sudo on the device itself, not through ssh or startup script in rc.local. I cannot fix this problem for a long time. I though maybe your tutorial could fix the problem. I have set the "s" bit to my application using chmod 4777 app (security is not an issue at the moment) and chmod 4777 /dev/input/event1. Even though the program cant use keyboard. I have set a rule in /etc/udev/rules.d that says: KERNEL=="event1", MODE="4777" but the "s" bit is lost after reboot and if I do it manualy with chmod the keyboard still doesnt work… Do you know maybe what could be the case in here? It is my nightmare.

  • Dhananjay

    This is very help full. I Got clear understanding of the suid in linux. Thank you !