An administrator deployed a custom compiled binary located at /opt/diag/tool that requires root privileges to perform hardware diagnostics. To allow junior administrators to run the utility, the file's owner was set to root, and its permissions were set using chmod 4755 /opt/diag/tool. When a junior administrator executes the binary, it fails with errors indicating insufficient privileges. The permissions on the file appear correct (-rwsr-xr-x), and the junior administrator can successfully execute the file. Which of the following is the MOST likely reason the setuid permission is not being honored?
The setgid bit must also be set on the file for setuid to work.
The filesystem containing /opt/diag is mounted with the nosuid option.
The sticky bit needs to be set on the /opt/diag directory.
The file must be owned by the junior administrator instead of root.
The correct answer is that the filesystem containing the binary is mounted with the nosuid option. The nosuid mount option is a security feature that prevents setuid and setgid bits from taking effect on a given filesystem. This means that even if a binary has the setuid bit set, the kernel will ignore it if the binary resides on a nosuid-mounted filesystem. This is a common security practice for partitions that are not expected to contain setuid executables, such as /home or temporary directories. Checking the mount options in /etc/fstab or with the mount command would confirm this configuration.
The setgid bit is not required for setuid to function; they serve different purposes. The file must be owned by root for setuid to grant root privileges, so changing ownership would be incorrect. The sticky bit applies to directories and controls file deletion, which is irrelevant to setuid execution on a file.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the purpose of the `nosuid` mount option?
Open an interactive chat with Bash
How can you check if a filesystem is mounted with the `nosuid` option?
Open an interactive chat with Bash
What is the difference between `setuid` and `setgid`?
Open an interactive chat with Bash
CompTIA Linux+ XK0-006 (V8)
Troubleshooting
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access