What is a SUID?

As well as the standard read, write and execute permissions applied to files there are some special permissions. These include SUID, SGID, and sticky bit. SUID stands for Set owner User ID upon execution. Normally when a program runs, it inherits permissions from the logged-on user. When the SUID special permission is applied to a file, the file executes with the permissions of the user who owns the file.

This is shown in the screenshot below on the /usr/bin/mount file, where the user x permission is replaced with an s.

Ok so that’s nice, but why is it important. Well if the SUID bit is set on a service or executable that is owned by root then this can be used to escalate privileges on the affected system.

Finding files with a SUID can be achieved with the command below:

>find / -perm -u=s -type f 2>/dev/null

A site with good examples of how misconfigured SUID permissions can be used to escalate privileges can be found here https://pentestlab.blog/2017/09/25/suid-executables/