linux 中的进程如何决定它拥有的权限

Question

I want to know how does a process in Linux decides what privileges it has?

Suppose there is a binary program Read_File that reads from file /home/myname/data.txt and displays the contents of it to the STD output; now, how does Read_File decides whether or not it has permission to read data.txt , what type of ids it checks to decide the privileges?

Answer 1

First, a bit of background:

The process is usually run by a specific user. So for example, if you log in yourself and run the program, it will run with the same privileges as yourself. You can check the permissions on the file with either stat or ls -l .

Using stat

malbert@dredg:/tmp$ stat foo
  File: `foo'
  Size: 0               Blocks: 0          IO Block: 4096   regular empty file
Device: fb00h/64256d    Inode: 618         Links: 1
Access: (0644/-rw-r--r--)  Uid: (11204/ malbert)   Gid: (10513/domain users)
Access: 2011-06-10 13:03:27.181227226 +0200
Modify: 2011-06-10 13:03:27.181227226 +0200
Change: 2011-06-10 13:03:27.181227226 +0200

The important infos here are:

Access: (0644/-rw-r--r--)  Uid: (11204/ malbert)   Gid: (10513/domain users)

This tells you the permissions for the owner ( rw- ), group ( r-- ) and everyone else ( r-- ). It also shows you the current owner id ( Uid ) and the current group id ( Gid ).

The abbreviations stand for:

• r = read access
• w = write access
• x = execute/traverse directory access

Using ls -l

ls -l gives you a quick summary:

malbert@dredg:/tmp$ ls -l /tmp
total 48
drwx------ 2 malbert domain users 4096 2011-06-10 08:51 akonadi-malbert.zOSngu
-rw-r--r-- 1 malbert domain users    0 2011-06-10 13:03 foo
drwx------ 2 kdm     nogroup      4096 2011-06-10 08:51 kde-kdm
drwx------ 3 malbert domain users 4096 2011-06-10 08:51 kde-malbert
[snip]

Here you can see the same info as with stat , but as a summary. Also, the uid's and gid's are resolved into names (in this case malbert and domain users ). You can use ls -u to see these as numeric values.

In case you want to run the application as a different user as yourself, you can either use su , sudo or your application itself can drop priviledges and change the user it is running as. This is usually the way system daemons do things.

ACLs / extended attributes

Be careful about extended attributes. When listing the files using ls -l these are visible with an appended + sign. For example:

malbert@dredg:/tmp$ ls -l
total 48
drwx------  2 malbert domain users 4096 2011-06-10 08:51 akonadi-malbert.zOSngu
-rw-rwxr--+ 1 malbert domain users    0 2011-06-10 13:03 foo
drwx------  2 kdm     nogroup      4096 2011-06-10 08:51 kde-kdm
drwx------  3 malbert domain users 4096 2011-06-10 08:51 kde-malbert
[snip]

Notice the following line:

-rwxr--+ 1 malbert domain users    0 2011-06-10 13:03 foo

The + sign in -rwxr--+ points to extended attributes. It is possible that these are ACLs. There is an excellent document on ACLs in the SuSE documentation. Go have a look at it if you need to. Explaining ACLs would certainly explode this article, so I won't discuss those.

Extended attributes could also be related to the file system. See the man page of chattr for more information on that.

Now, as a sidenote: this is StackOverflow. Questions should be development related. For questions like this one, there's http://www.serverfault.com . But As you were not aware, that this is not a development problem, but more related to the OS, I felt I should answer anyway;)

Good luck, and have fun!

Answer 2

The process doesn't decide anything; whenever it tries an operation the operating system checks it's EUID and decides if has the required privileges.

For example when it tries to access a file, the owner and permissions of the file are checked. If the EUID of the process doesn't have enough privileges for an operation, that operation will fail (usually with EPERM ).