Linux Security Concepts: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 6: Line 6:


=Unprivileged Process=
=Unprivileged Process=
An unprivileged process is a process with a non-zero its [[#Effective_User_ID|effective user ID]]. Unprivileged processes are subject to full permission checking based on the process' credentials: [[#Effective_User_ID|effective UID]], [[#Effective_Group_ID|effective GID]] and supplementary group list.
An unprivileged process is a process with a non-zero its [[#Effective_User_ID|effective user ID]]. Unprivileged processes are subject to full permission checking based on the process' credentials: [[#Effective_User_ID|effective UID]], [[#Effective_Group_ID|effective GID]] and [[#Supplementary_Group_List|supplementary group list]].


=Effective User ID=
=Effective User ID=
=Effective Group ID=
=Effective Group ID=
=Supplementary Group List=
=Supplementary Group List=

Revision as of 21:29, 1 March 2021

Internal

Privileged Process

Traditional UNIX implementations distinguish two categories of processes for the purpose of performing permission checks: privileged processes and unprivileged processes. A privileged process is a process with its effective user ID is 0, referred to as superuser or root. Privileged processes bypass all kernel permission checks.

Unprivileged Process

An unprivileged process is a process with a non-zero its effective user ID. Unprivileged processes are subject to full permission checking based on the process' credentials: effective UID, effective GID and supplementary group list.

Effective User ID

Effective Group ID

Supplementary Group List