Previous: Linux Processes
Linux, like all Unix uses user and group identifiers to check for
access rights to files and images in the system.
All of the files in a Linux system have ownerships and permissions, these
permissions describe what access the system's users have to that file or directory.
Basic permissions are read, write and execute and are assigned to
three classes of user; the owner of the file, processes belonging to a particular
group and all of the processes in the system.
Each class of user can have different permissions, for example a file could have permissions
which allow its owner to read and write it, the file's group to read it and for all
other processes in the system to have no access at all.
REVIEW NOTE: Expand and give the bit assignments (777).
Groups are Linux's way of assigning privileges to files and directories to a group
of users rather than to a single user or to all processes in the system.
You might, for example, create group for all of the users in a software project
and arrange it so that only they could read and write the source code for the
A process can belong to several groups (a maximum of 32 is the default) and these
are held in the groups vector in the task_struct for each process.
So long as a file has access rights for one of the groups that a
process belongs to then that process will have appropriate group access rights
to that file.
There are four pairs of process and group identifiers held in a processes
- uid, gid
- The user identifier and group identifier of the user that
the process is running on behalf of,
- effective uid and gid
- There are some programs which change the uid
and gid from that of the executing process into their own (held as
attributes in the VFS inode describing the executable image). These
programs are known as setuid programs and they are useful because
it is a way of restricting accesses to services, particularly those
that run on behalf of someone else, for example a network daemon.
The effective uid and gid are those from the setuid program and
the uid and gid remain as they were. The kernel checks the effective
uid and gid whenever it checks for privilege rights.
- file system uid and gid
- These are normally the same as the effective uid
and gid and are used when checking file system access rights.
They are needed for NFS mounted filesystems where the user mode NFS server
needs to access files as if it were a particular process. In this case
only the file system uid and gid are changed (not the effective uid and
gid). This avoids an arcane situation where malicious users could send a
kill signal to the NFS server.
Kill signals are delivered to processes with a particular effective uid and gid.
- saved uid and gid
- These are mandated by the POSIX standard and are used by
programs which change the processes uid and gid via system calls.
They are used to save the real uid and gid during the time that the original
uid and gid have been changed.
Previous: Linux Processes
David A. Rusling