Android Security Mechanism-Operating System Security Mechanism-process, user and file security
1. process, thread
2. Multi-user and multi-user boundary (determine the resources, files, and executable operations that the user can operate and access)
3. Processes and files are differentiated by UID and GID, and operations are differentiated by rwx. Processes and files are connected by uid.
4. Use chmod to modify the operation (rwx) and chown to modify the user
5. UID can be divided into RealUID, inclutiveuid, and RealUID to indicate identity, which is convenient for inheritance. inclutiveuid indicates the operation capability. In general, the two are unified. For example, in the passwd process, the inclutiveuid has been changed to ROOT, while the RealUID is still the same.
6. chmod uses SetUID to change inclutiveuid to ROOT.
7. More fine-grained Capablity to determine the user's operation permissions,
Process Permitted Capability Sets, valid tive Capability Sets, and Inheritable Capability Sets
File Permitted Capability Sets, valid tive Capability Set (true or false), Inheritable Capability Sets
Determine contact by formula