Actual User ID (valid group) and valid user ID (valid group ID) for the process under Linux

Source: Internet
Author: User

Actual User ID (actual group ID): Identifies who the current user (belongs to) is and is taken from the password file when the user logs on.

Valid user ID (valid group ID): Used to determine our (current process) access to the file (that is, the actual process is running with that user).

In general, the valid user ID of a process equals the actual user ID of the process, and the valid user group ID of the process is equal to the actual user group ID of the process.

However, when set-user-id (set_user_id) bit is set in the file mode (St_mode) of the executable program file, The valid user ID of the process is equal to the executable file's owner ID.

Similarly, if "set-group-id (set-group-d) Bit" is set in the executable file mode (st_mode), the valid user group ID of the process equals the owning group ID of the executable file, for example:

Now there are two executable files test,passwd, of which passwd is the Linux system with the modified password program (under Linux under the/usr/bin directory), test is my own written testing program, just an infinite loop code is as follows:

1 #include <stdio.h>23int  main () {4          while (1) {5                 ;       // An empty statement is used to  implement an infinite loop 6         }7         return0; 8 }

See the details of these two files with ls-l below:

  

You can see that the test file has both an ID and a group ID of ZZG (my login account), the owner ID and the group ID of the passwd file are root, and the command prompt shows that now I am logged in as a ZZG user, or use the command ID to view the user ID and group ID of the current user under the shell:

  

  That is, both the current actual user ID and the actual user group ID are zzg.

Now run the test program and the passwd program separately, then use the PS command under another terminal to see the valid ID and valid ID of test, as follows:

Run the program

    

PS Output

  

From the figure

Test is actually run with the user Id:zzg, group ID:ZZG, that is, for the pid=8442 process:

    Its actual user ID is ZZG

    It has a valid user ID of ZZG   

    Its actual user group ID is ZZG

    It has a valid user group ID of ZZG

passwd is actually the user id:root, group Id:zzg to run, that is, for the pid=8444 process:

    Its actual user ID is ZZG (because the current user is ZZG)

    It has a valid user ID of root

    Its actual user group ID is ZZG

    It has a valid user group ID of ZZG

Let's take a look at the details of these two files

  

You can see that passwd set the "set-user-id" bit (the fourth bit of ' s ', to set the flag), but did not set the "set-group-id" bit,

Therefore, the above situation, that is, for the pid=8444 process, the valid user ID equals passwd's owner ID (root), the valid user group ID equals the actual user group ID (ZZG) running the program.

You can also see that the "set-user-id" bit of Test, "set-group-id" bit is not set, so for the pid=8442 process, the valid user ID and valid user group ID are equal to the actual user ID running the program, the actual user group ID.

Actual User ID (valid group) and valid user ID (valid group ID) for the process under Linux

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.