You can do this lab on either of your virtual machines. You'll save the output of the find command to a text file:
- Search through the entire filesystem for all files that have either SUID or SGID set, saving the output to a text file:
sudo find / -type f \( -perm -4000 -o -perm -2000 \) -ls > suid_sgid_files.txt
- Log in to any other user account that you have on the system and create a dummy shell script file. Then set the SUID permission on that file and log back out to your own user account:
su - desired_user_account
touch some_shell_script.sh
chmod 4755 some_shell_script.sh
ls -l some_shell_script.sh
exit
- Run the find command again, saving the output to a different text file:
sudo find / -type f \( -perm -4000 -o -perm -2000 \) -ls > suid_sgid_files_2.txt
- View the difference between the two files:
diff suid_sgid_files.txt suid_sgid_files_2.txt
- End of lab.
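
The same baseline-and-compare idea as a reusable script, added here as an example that is not part of the original lab. It records mode, owner and path instead of the full -ls line, so timestamp and size changes do not clutter the comparison. It assumes GNU find and stat, and the function names are hypothetical:

```shell
#!/bin/sh
# Added example (not from the original lab): baseline-and-compare SUID/SGID audit.
# Assumes GNU find/stat (Linux). Function and file names are hypothetical.

# Print "mode owner path" for every regular file under $1 with SUID or SGID set.
# -perm -4000 / -perm -2000 match "at least this bit"; -xdev stays on one filesystem.
scan_suid_sgid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) \
        -exec stat -c '%a %U %n' {} + 2>/dev/null | LC_ALL=C sort
}

# Print entries present in the current scan ($2) but not in the baseline ($1).
# A file whose mode or owner changed also shows up, because its line differs.
new_since_baseline() {
    LC_ALL=C comm -13 "$1" "$2"
}

# Constructed demo in a throwaway directory, so no sudo is needed.
demo() {
    work=$(mktemp -d) || return 1
    mkdir "$work/tree"
    touch "$work/tree/ordinary.txt" "$work/tree/some_shell_script.sh"
    scan_suid_sgid "$work/tree" > "$work/baseline.txt"
    chmod 4755 "$work/tree/some_shell_script.sh"   # same change as the lab step
    scan_suid_sgid "$work/tree" > "$work/current.txt"
    new_since_baseline "$work/baseline.txt" "$work/current.txt"
    rm -rf "$work"
}

demo
```

To audit a real system, run scan_suid_sgid / with sudo, keep the baseline file somewhere unprivileged users cannot write, and review anything new_since_baseline prints.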