13. Granting privileged actions

Task: allow a user to perform an action that lies outside standard user permissions.


Simple examples:

SETGID directory traversal

This is a SETGID directory traversal example.

Find all setgid binaries: find /*bin /usr/*bin -perm -2000 -ls


su/sudo are just setuid wrappers that still allow a certain user to run a certain command.
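The find command above, extended into a small audit as an added example (not part of the original page): it also looks for setuid files, since su and sudo are setuid wrappers, and reports only the files missing from a reviewed baseline. The function name audit_special, the one-path-per-line baseline file and the constructed demo tree are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit setuid/setgid files against a reviewed baseline.
# audit_special and the baseline format (one absolute path per line)
# are assumptions of this example, not part of the original page.

# audit_special BASELINE DIR...
# Prints "NEW <kind> <path>" for every regular file under DIR... that carries
# the setuid (4000) or setgid (2000) bit and is not listed in BASELINE.
# A file with both bits set is reported once per kind.
audit_special() {
    baseline=$1
    shift
    for spec in setuid:-4000 setgid:-2000; do
        kind=${spec%%:*}
        mode=${spec#*:}
        # -perm -MODE matches files that have at least these bits set
        find "$@" -type f -perm "$mode" 2>/dev/null | sort |
        while IFS= read -r path; do
            grep -Fxq -- "$path" "$baseline" ||
                printf 'NEW %s %s\n' "$kind" "$path"
        done
    done
}

# Constructed demo tree: one reviewed setgid file, one unreviewed, one plain.
demo() {
    d=$(mktemp -d) || return 1
    touch "$d/plain" "$d/reviewed" "$d/unreviewed"
    chmod 0755 "$d/plain"
    chmod 2755 "$d/reviewed" "$d/unreviewed"
    printf '%s\n' "$d/reviewed" > "$d/baseline"
    # Strip the temporary prefix so the output is stable
    audit_special "$d/baseline" "$d" | sed "s|$d/||"
    rm -rf "$d"
}

demo
# On a real system: audit_special /path/to/baseline.txt /*bin /usr/*bin
```

Regenerate the baseline only after reviewing each reported file, so that a newly appeared setuid or setgid binary is always seen by a person first.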

Policy kit

Polkit is an application-level toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes. It is a framework for centralizing the decision-making process with respect to granting access to privileged operations for unprivileged applications.


See more on the Arch Linux page.

Hardening and mandatory access mechanisms

Note: all these mechanisms are mechanisms of restriction, not of allowance


SELinux is a security enhancement to Linux which allows users and administrators more control over access control.


AppArmor is a Mandatory Access Control (MAC)-like security system for Linux. AppArmor confines individual programs to a set of files, capabilities, network access and rlimits, collectively known as the AppArmor policy for the program, or simply as a profile. New or modified policy can be applied to the running system without a reboot.


  1. Setgid bit here means all the files created under the directory will belong to the auth group; you may skip it, it's irrelevant

HSE/ArchitectureOS/13_GrantingActions (last edited 2020-07-02 15:52:30 by FrBrGeorge)