Process PID and ppid, process UID and EUID, user UID and GID, file creator and Owner Relationship Analysis

Process PID and ppid, process UID and EUID, user UID and GID, file creator and Owner Relationship Analysis

1. When we create a user, we will name and set a password for the new user. At the same time, the system will associate a number with the user name we created, which is called the user uid. At the same time, we can also put this user into a user group. Similarly, the user group can also be created manually. If you do not specify the user group that the user belongs to when creating a user, the system automatically creates a user group with the same name as the user name. Whether manually or automatically created, the system associates a number with the user group. This number is called a GID. The GID of the group to which the UID belongs is the GID of the user.

2. When running each process, the system associates several numbers: PID, ppid, uid, and EUID. The PID of a process is automatically assigned by the system when the process is running. It is an integer that uniquely identifies the process. The ppid of the process is the PID of the parent process of the process. At the same time, the system also assigns a process UID and EUID to the running process to determine the execution permission of the file. Generally, the UID of the process and the EUID of the process are the same as the UID of the user who runs the process. For a file, its execution permissions are divided into three groups: file owner, file owner in the same group, and other users. This is the role of the user EUID. By comparing which group of files the EUID belongs to, you can determine the level of the File Execution permission. Then, the process has the execution permission on the file. In addition, if the setuid bit of the executable file is valid, the UID of the process is still the user's uid when the executable file is run, the EUID of the process is temporarily modified to the UID of the owner user of the executable file until the process ends. In a process, the process PID and ppid are unique identifiers of the process, and they do not change. The process uid is the same as the user uid that runs the process, and the process EUID is the same as the UID, the EUID is changed to the owner user uid of the file only when the setuid bit is set. Process GID is similar to process EGID.

File attributes:
15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0
File Type setuid setgid sticky R w x r w x
# DEFINE _ s_ifmt starting with 0170000 0 indicates that it is octal. This bit determines the file type.
# DEFINE _ s_ifdir 0040000 directory file
# DEFINE _ s_ifchr 0020000 character Device File
.......
# Define s_irusr file owner readable
# The owner of the define s_iwusr file is writable.
# The owner of the define s_ixusr file can execute
# Define s_irgrp file owners can read the same group of users
# Other users of the define s_iroth file are readable.

Execute the LS-l command in shell, and the following will be displayed:
Drwxr-XR-x 2 root Root 652 Jul 31 2006/root/Hello
D indicates the file. The following several indicate the execution permissions of the file owner, users in the same group, and other users, the number of files, the file owner, and the file creator (Note: RHEL is the all file groups ), file Size, date, file path
Du-SH xxx can measure the memory size occupied by XXX files or directories.