Summary: As we described earlier, when we open a file, the kernel performs its access tests based on the effective user and group IDs. There are times when a process wants to test accessibility based on the real user and group IDs. This is useful when a process is running as someone else, using either the se
posted @ 2012-10-07 18:59 beanmoon
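Summary: Set UID. When the s flag appears in the x position of the file owner's permissions, as in the permission string of the /usr/bin/passwd file mentioned earlier, "-rwsr-xr-x", it is called Set UID, or SUID for short, a special permission. So what special function does the SUID permission give a file? Basically, SUID has these restrictions and functions: the SUID permission is effective only for binary programs; the user running the program needs x (execute) permission on it; the permission is effective only while the program is running (run-time); the user running it will have the permissions of the program's owner. With material this dry you may still have no feel for SUID. Never mind, let's use an example to illustrate.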
posted @ 2012-10-07 18:35 beanmoon
Summary: The user ID of a new file is set to the effective user ID of the process. POSIX.1 allows an implementation to choose one of the following options to determine the group ID of a new file. The group ID of a new file can be the effective group ID of the process. The group ID of a new file can be the grou
posted @ 2012-10-07 18:27 beanmoon
Summary: In the UNIX System, privileges, such as being able to change the system's notion of the current date, and access control, such as being able to read or write a particular file, are based on user and group IDs. When our programs need additional privileges or need to gain access to resources that
posted @ 2012-10-07 17:49 beanmoon
Summary: The three categories in Figure 4.6 (read, write, and execute) are used in various ways by different functions. We'll summarize them here, and return to them when we describe the actual functions. Figure 4.6. The nine file access permission bits, from <sys/stat.h>: st_mode mask, Meani...
posted @ 2012-10-07 00:03 beanmoon