Author: vamei Source: http://www.cnblogs.com/vamei welcome reprint, please also keep this statement. Thank you!
The concept and system of Linux repeatedly mentions the importance of processes. The Python OS package contains query and modification.Process Information. These Python tools comply with the concepts related to the Linux system, so they can help you understand the Linux system.
1. Process Information
The related functions in the OS package are as follows:
Uname ()ReturnOperating SystemRelated information. SimilarUnameCommand.
Umask ()Set the mask permission when the process creates a file. SimilarUmaskFor more information about commands, see File Management in Linux.
Get *()Query (* Replaced by the following)
UID, EUID, resuid, GID, EGID, resgid:PermissionResuid is mainly used to return the saved uid. For more information, see Linux users and the "minimum permission" principle.
PID, pgid, ppid, Sid:ProcessRelated. For more information, see Linux Process relationship.
Put *()Setting (* Replaced by the following)
EUID, EGID: usedChange EUID,EGID.
UID and GID: UID and gid of the process. OnlySuper UserTo change the UID and gid of the process.$ Sudo PythonPython ).
Pgid, Sid: changes the process group and Session of the process ).
Getenviron (): Get the environment variable of the process
Setenviron (): Change the environment variable of the process
Example 1: Real UID and real gid of a process
ImportOS
Print(OS. getuid ())Print(OS. getgid ())
SetProgramSave as the py_id.py file and use$ Python py_id.pyAnd$ Sudo Python py_id.pyCheck the running result.
2. About saved UID and saved GID
It is difficult for saved UID and saved GID to work in Python programs as described in Linux users and the "minimum permission" principle. The reason is that when we write a Python scriptActually running is the python interpreter.Instead of Python script files (C language directly runs the execution files compiled by C language ). We must change the permission of the python execution file to use the saved uid mechanism.Abnormal danger.
For example, our Python execution file is/usr/bin/Python (you can use$ Which PythonLearned)
Let's take a look.
$ LS-L/usr/bin/Python
Result:
-Rwxr-XR-x Root
We modify the permission to set the set UID and set GID bits (referLinux users and the "minimum permission" Principle)
$ Sudo chmod 6755/usr/bin/Python
/Usr/bin/Python permission:
-Rwsr-Sr-x Root
Then, we run the test. py file under the file, which can be owned by a common user vamei:
ImportOSPrint(OS. getresuid ())
The result is as follows:
(1000, 0, 0)
The above are uid, EUID, and saved uid respectively. We only need to execute a Python script owned by a common user to get the Super User permission! Therefore, it is extremely dangerous to do so. We have handed over the system's protection system. Imagine the powerful functions of Python. Now, other people can use these powerful functions as a weapon to attack you! Run the following command to restore to the previous stage:
$ Sudo chmod 0755/usr/bin/Python
For more details about the saved UID/GID of the script file, see
Http://www.faqs.org/faqs/unix-faq/faq/part4/section-7.html
Summary:
Get *, Set *
Umask (), uname ()