Hello,

I get what suid is but wanted to understand what is happening in the example below. Does chrome-sandbox run as root?

-r-sr-xr-x 1 root root 14312 May 7 22:16 chrome-sandbox*

Also what is the difference between the above and this:

-rwsr-xr-x 1 root root 14312 May 7 22:16 chrome-sandbox*

Please help me understand.

1) Yes, the setuid for "owner" which is "root" means this command runs as root. The execute for both group and other means anyone can run this program but when they do it will run as root due to the setuid bit.

2) When you look at permissions with ls -l you see:
First character (-) in both of yours which means it is a regular file. You would see "d" for directory, "l" for symbolic link", "c" for a character (raw) device, "b" for block device, "s" for socket, etc...

The next 3 characters describe the file owner's permissions.
The next 3 characters describe the file group's permissions.
The final 3 characters describe "other" (everybody else's) permissions.

-r-sr-xr-x = Regular file, read and execute (with suid) for owner, read and execute for group, read and execute for other.

-rwsr-xr-x = Same as above except the "w" tells it to allow owner to write as well as read and executed.

In reality root user overrides all permissions so it could "write" to above file either way. However, for non-root users the lack of "w" for owner would allow them to read and execute but not write. Sometimes you do that if you're giving a user an executable that you don't want them modifying (especially a script).

Type "man chmod" for more detail of file modes (permissions) and how to set them.