Real user ID, effective user ID, and set-user-ID (S_ISUID)

Source: Internet
Author: User
Tags: chmod, file permissions
These concepts come up constantly in Unix books, but I had never properly sorted them out and only had a vague grasp of them. Today I worked through the distinctions and summarize them below. Frankly, these several user IDs exist for the system's permission management.

Below, ruid, euid and suid stand for the real user ID, the effective user ID and the set-user-ID bit. A user ID is really an integer; for readability the user name is used here in place of the number. First, the role of each:

ruid identifies a user to the system. When a user logs in to a Unix system with a user name and password, the ruid of that session is fixed by the login.

euid decides what access the user has to system resources; it is normally equal to the ruid.

suid grants a program privileges beyond its caller's. Unlike ruid and euid, which are bound to a user, it is attached to an executable file rather than to a user.

When explaining suid, many books briefly mention the passwd program; it is used as the example here. On Linux the password hashes live in /etc/shadow. This file is important enough that it should be backed up before any change. Its attributes look like this:

[root@localhost ~]# ll /etc/shadow
-r-------- 1 root root 1144 June 22:33 /etc/shadow

The listing shows that /etc/shadow is owned by user root and group root, and that only a process whose euid is root has read permission; every other euid has no permission at all. If you try to open it with vim from the shell of user steve (whose euid is also steve at that point), you get a permission-denied error. As for root having only read permission: I take it to be a hint that even root should not edit the file directly with vim but should change it through the passwd command. If you really must edit it directly, you can first use chmod to give root write permission, and then edit it.

Anyone who has used a Unix system knows that any user can set a new password with the passwd command. But from the listing above, a non-root user cannot even read the file, so how does an ordinary user modify it? The passwd command actually executes the program /usr/bin/passwd, whose attributes are:

-r-s--x--x 1 root root 21944 Feb 2006 /usr/bin/passwd

The s in the owner-execute position of the access flags is what is usually called the suid bit, and you can see that all users have permission to execute this program. When user steve runs the passwd command, the shell forks a child process; at that point the child's euid is still steve. The child then execs /usr/bin/passwd. Because the suid bit is set on /usr/bin/passwd, exec sets the process's euid to root, the file's owner. The process now has root privileges, including read and write access to /etc/shadow, so steve can complete the password change. When the passwd process exits, the elevated euid goes with it; steve's shell still has euid steve, so no root privilege is left behind.

We can test this by using root to remove the suid bit from /usr/bin/passwd:

[root@localhost ~]# ll /usr/bin/passwd
-r-s--x--x 1 root root 21944 Feb 2006 /usr/bin/passwd
[root@localhost ~]# chmod u-s /usr/bin/passwd
[root@localhost ~]# ll /usr/bin/passwd
-r-x--x--x 1 root root 21944 Feb 2006 /usr/bin/passwd

Now when user steve runs passwd to update the password, it fails with the following error:

[steve@localhost ~]$ passwd
Changing password for user steve.
Changing password for steve
(current) UNIX password:
passwd: Authentication token manipulation error
[steve@localhost ~]$

This is because the suid bit has been removed from /usr/bin/passwd: steve can still execute the program, but since /usr/bin/passwd no longer has suid set, the exec'd process keeps steve's euid and therefore cannot write /etc/shadow.

Some may notice that the root user can still change passwords with the command. That is because root's own euid is root (it may also be that once the ruid is root the euid is not checked and reading and writing are allowed outright; root is the boss), so it can read and write the password file.

Some may also notice that the suid bit can be set on an ordinary text file as well, but this is meaningless: a non-executable file is never exec'd, so there is no point at which the euid of a process is changed on its behalf, in the way a program could change it with the seteuid() system call.

Finally, the same rules apply to the group IDs: real group ID, effective group ID and the set-group-ID bit.
