What Is the Setuid Bit?
The setuid bit is a permission flag on an executable that causes it to run with the user identity of the file owner instead of the user who started it. It is how unprivileged users can run specific tools that need elevated rights, such as changing their password. Because it grants privilege, setuid programs are a sensitive security surface.
Why it matters
Setuid binaries are a frequent target for privilege escalation, so hardened CI images often remove or audit them. Knowing the bit explains how a program can act with more privilege than the calling user.
Related guides
What Is the Setgid Bit?The setgid bit runs an executable with its group privileges, or on a directory makes new files inherit that d…
What Is the Sticky Bit?The sticky bit on a directory restricts file deletion so users can remove only their own files, even in a dir…
What Is a Linux Capability?A Linux capability is a fine-grained privilege carved out of the all-powerful root account, letting a process…