Every process has six or more IDs associated with it. These are shown in Figure 4.5.
Figure 4.5. user IDs and group IDs associated with each process
Real user ID Real group ID |
Who we really are |
Valid user ID Valid group ID Supplementary Group IDs |
Used for file access permission checks |
Saved set-user-ID Saved set-group-ID |
SavedExec Functions |
The real user ID and real group ID identify who we really are.
These two fields are taken from our entry in the password file when we log in.
Normally, these values don't change during a login session, although there
Are ways for a superuser process to change them, which we describe in section 8.11.
The specified tive user ID, valid tive group ID, and supplementary
Group IDs determine our file access permissions, as we describe in the next
Section. (We defined supplementary group IDs in section 1.8 .)
The saved set-user-ID and saved set-group-ID contain copies
The specified tive user ID and the specified tive group ID when a program is executed. We
Describe the function of these two saved values when we describe
SetuidFunction in section 8.11.
The saved IDs are required with the 2001 version of posix.1.
They used to be optional in older versions of POSIX. An application can test
The constant_ Posix_saved_idsAt compile time or can call
SysconfWith_ SC _saved_idsArgument At runtime, to see
Whether the implementation supports this feature.
Normally, the specified tive user ID equals the real User ID, and
The specified tive group ID equals the real group ID.
Every file has an owner and a group owner. The owner is
Specified bySt_uidMember ofStatStructure;
Group owner, bySt_gidMember.
When we execute a program file, the valid user ID of
Process is usually the real User ID, and the specified tive group ID is usually
Real group ID. But the capability exists to set a special flag in the file's
Mode word (St_mode) That says "when this file is executed, set
Valid tive user ID of the process to be the owner of the file (St_uid)."
Similarly, another bit can be set in the file's mode word that causes
Valid tive group ID to be the group owner of the file (St_gid). These
Two bits in the file's mode word are called the set-user-ID bit and the set-group-ID bit (if you use 'LS-l' to examine a file the two bits set, it shows sort of '-RWSRWS---').
For example, if the owner of the file is the superuser and if
The file's set-user-ID bit is set, then while that program file is running as
Process, it has superuser privileges. This happens regardless of the real user
ID of the process that executes the file. As an example, the UNIX System Program
That allows anyone to change his or her password,Passwd(1), is
Set-user-ID program. This is required so that the program can write the new
Password to the password file, typically either/Etc/passwdOr
/Etc/shadow, Files that shoshould be writable only by the superuser.
Because a process that is running set-user-ID to some other user usually assumes
Extra permissions, it must be written carefully. We'll discuss these types
Programs in more detail in chapter
8.
Returning toStatFunction, the set-user-ID bit
And the set-group-ID bit are contained in the file'sSt_modeValue.
These two bits can be tested against the constantsS_isuidAnd
S_isgid.