A Beginner-Friendly Guide for Linux / Start Learning Linux Quickly...

How to Find Files With SUID and SGID Permissions in Linux

Categories Linux Commands 4 Comments

In this tutorial, we will explain auxiliary file permissions, commonly referred to as “special permissions” in Linux, and also we will show you how to find files which have SUID (Setuid) and SGID (Setgid) set.

What is SUID and SGID?

SUID is a special file permission for executable files which enables other users to run the file with effective permissions of the file owner. Instead of the normal x which represents execute permissions, you will see an s (to indicate SUID) special permission for the user.

SGID is a special file permission that also applies to executable files and enables other users to inherit the effective GID of file group owner. Likewise, rather than the usual x which represents execute permissions, you will see an s (to indicate SGID) special permission for group user.

Suggested Read: Managing Users & Groups, File Permissions & Attributes in Linux

Let’s look at how to find files which have SUID and SGID set using the find command.

The syntax is as follows:

$ find directory -perm /permissions

Important: Certain directories (such as /etc, /bin, /sbin etc.) or files require root privileges in order to be accessed or listed, if you are managing your system as a normal user, use the sudo command to gain root privileges.

How to Find Files with SUID Set in Linux

This below example command will find all files with SUID set in the current directory using -perm (print files only with permissions set to 4000) option.

$ find . -perm /4000
Find Files with SUID Permissions
Find Files with SUID Permissions

You can use the ls command with -l option (for long listing) to view the permissions on the listed files as shown in the image above.

How to Find Files with SGID Set in Linux

To find files which have SGID set, type the following command.

$ find . -perm /2000
Find Files with SGID Permissions
Find Files with SGID Permissions

To find files which have both SUID and SGID set, run the command below.

$ find . -perm /6000
Find Files with SUID and SGID
Find Files with SUID and SGID

You may also like to read these useful guides about file permissions in Linux:

  1. How to Set File Attributes and Finding Files in Linux
  2. Translate rwx Permissions into Octal Format in Linux
  3. Secure Files/Directories using ACLs (Access Control Lists) in Linux
  4. 5 ‘chattr’ Commands to Make Important Files IMMUTABLE (Unchangeable) in Linux

That’s it for now! In this guide, we showed you how to find files which have SUID (Setuid) and SGID (Setgid) set in Linux. If you have any questions, use the feedback form below to share any queries or additional thoughts about this topic.

If you read this far, tweet to the author to show them you care. Tweet a thanks

Previous article:

How to Connect to MySQL Without Root Password on Terminal

Next article:

How to Change Runlevels (targets) in SystemD
Photo of author
Aaron Kili
Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge.

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)
Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.

Related Posts

4 thoughts on “How to Find Files With SUID and SGID Permissions in Linux”

  1. The command to find files that have both SUID and SGID set would be with minus sign like so:

    $ find . -perm -6000

    and not with a slash sign like you recommend.

    $ find . -perm /6000
    Reply

  2. Find files with SUID, SGID and StickyBit set in Linux.

    $ sudo find / -perm +7000 -type f

    Find directories with SUID, SGID and StickyBit set in Linux.

    $ sudo find / -perm +7000 -type d
    Reply

    • This is incorrect too. From “man find”: 

      -perm +mode

      This is no longer supported (and has been deprecated since 2005).

      Use -perm /mode instead.

      The correct answer is :

      To find files with SUID, SGID and StickyBit set in Linux.

      $ sudo find / -type f -perm -7000

      To find directories with SUID, SGID and StickyBit set in Linux.

      $ sudo find / -type d -perm -7000
      Reply

Got something to say? Join the discussion.

Thank you for taking the time to share your thoughts with us. We appreciate your decision to leave a comment and value your contribution to the discussion. It's important to note that we moderate all comments in accordance with our comment policy to ensure a respectful and constructive conversation.

Rest assured that your email address will remain private and will not be published or shared with anyone. We prioritize the privacy and security of our users.