logo
Defence blues
Taming permissions, xattrs & the dangers of SUID/SGID
  • Red tradecraft
  • Privacy greenhouse
  • Purple crossroads
  • Indigo observatory
  • Contact
Initializing search
    • Blue team @Purpleteaming
    • Blue team @SOC
    • Blue team for dev
    • Blue team @Home
    • Bulletproofing servers
      • The wake-up call
      • Hardening Linux server
        • User account sanity checks
        • Remove unnecessary services
        • Preventing unauthorised access while respecting privacy
        • The CIA triad framework for security
        • Virtual network computing
        • Taming permissions, xattrs & the dangers of SUID/SGID
          • Discretionary access control (DAC)
          • Access control lists (ACL) and shared directory management (SDM)
          • Mandatory access control (MAC)
        • Taming permissions, xattrs & the dangers of SUID/SGID
          • Discretionary access control (DAC)
          • Access control lists (ACL) and shared directory management (SDM)
          • Mandatory access control (MAC)
        • PKI: The beautiful mess of digital trust (and why nothing works properly)
        • From basic monitoring to intrusion detection
        • Continuous host monitoring and threat detection
        • Incident response plan
        • Troubleshooting
      • Hardening webserver
      • Smarter mail servers
    • Golem Trust Computing Ltd.
    • Department of Silent Stability
    • The Home for Bewildered Beasts of Legend
    • Stormforge training grounds
    • Honeytech for humans

    Taming permissions, xattrs & the dangers of SUID/SGIDΒΆ

    • Protecting sensitive files and directories by setting proper permissions and ownership, and by using Extended Attributes (xattr).

    • Avoiding security related problems with Set User ID (SUID) and Set Group ID (SGID).

    Configuring access control

    • Discretionary access control (DAC)
    • Access control lists (ACL) and shared directory management (SDM)
    • Mandatory access control (MAC)
    2026-04-01 20:54
    © Copyright 2025, TyMyrddin.
    Created using Sphinx 7.2.6. and Sphinx-Immaterial

    Made with love in the Unseen University, 2025, with a forest garden fostered by /ut7