4.5 of Advanced Programming in the UNIX programming has a very clear explanation for file access permissions.
Here is an experiment to show the explanation.
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
int main(int argc, const char *argv[])
{
int fd;
if ((fd = open("data", O_RDONLY)) < 0) {
printf("open error\n");
return 1;
} else {
printf("open ok\n");
return 0;
}
}
$ gcc code.c
$ echo abc > data
$ ls -l
-rwxr-xr-x 1 jing jing 7174 2010-10-09 17:27 a.out
-rw-r--r-- 1 jing jing 302 2010-10-09 17:19 code.c
-rw-r--r-- 1 jing jing 4 2010-10-09 17:26 data
$ /a.out
open ok
$ chmod u-r data
$ /a.out
open error
$ id
uid=1000(jing) gid=1000(jing) groups=4(adm),20(dialout),24(cdrom),46(plugdev),104(lpadmin),115(admin),120(sambashare),121(vboxusers),125(kvm),126(libvirtd),1000(jing)
Here is the tricky part. If the effective user id is equal to the file owner id and it does not have the read permission, the permission is denied even the effective group id is equal to the file group id and does has the read permission.
$ sudo chown test data
$ ./a.out
open ok
$ sudo chown :kvm data
$ ./a.out
open ok
kvm is a supplementary group of the current user jing. So the file can be still opened after its group being set to kvm.
$ ./a.out
open error
$ sudo chown :fax data
$ ./aout
open ok
$ sudo chmod o-r data
$ ./a.out
open error
分享到:
相关推荐
controlling special permissions, encrypting file systems, and much moreMaster the art of securing a Linux environment with this end-to-end practical guideBook Description This book has extensive ...
Exactly how permissions work and how to decipher the most cryptic Linux permissions with ease. How to use the nano, vi, and emacs editors. Two methods to search for files and directories. How to ...
Introduction to Linux Module 2 — Logging In and General Orientation Module 3 — Navigating the File System Module 4 — Managing Files Module 5 — File Permissions and Access Module 6 ...
It provides Windows NT4.0/2000/XP/2003/Vista/2008 with full access to Linux Ext2 volumes (read access andwrite access). This may be useful if you have installed both Windows and Linux as a dual boot ...
Linux VM ASLR discussion, tiny bit on Meltdown/Spectre, file permissions/access control lists, discussion of TOCTTOU attacks, etc.), more about Linux CFS scheduler, more about Linux VM, changed VMS ...
The book begins with the concept of user management, group management, as well as file-system permissions. To manage your storage on Ubuntu Server systems, you will learn how to add and format ...
For more information on setting file permissions, see "Modifying Linux, Unix, and Mac file permissions" (http://drupal.org/node/202483) or "Modifying Windows file permissions" ...
You will then learn how to manage users and their permissions, software installs, disks, filesystems, and so on. You'll then see how to secure connection to remotely access a desktop and work with ...
File Access Permissions Section 4.6. Ownership of New Files and Directories Section 4.7. access Function Section 4.8. umask Function Section 4.9. chmod and fchmod Functions ...
Changing File Permissions in UNIX, Linux, and Mac OS X 76 Changing Windows File Permissions 77 Changing File Permissions in PHP 87 Patching the Application to Allow User-Uploaded Image Files 88 Modify...
Changing file access modes 462 Handling file errors 462 Reading Files 463 A simple read example 464 A more complicated read example 465 Reading, Processing, and Writing Data 467 Memory-Mapped Files ...
You can also create your own policy files that define arbitrary permission sets. <br/>Comparison of the sample security policy file <br/> Permissions/Resource Setting Admin Default ...
Restricting access to logged-in users 80 Methods for browsing bookmarks 81 Improving the user page 83 Creating a tag page 85 Building a tag cloud 87 A word on security 90 SQL injection 91 Cross...
** you may not use this file except in compliance with the License. ** You may obtain a copy of the License at ** http://www.apache.org/licenses/LICENSE-2.0 ** Unless required by applicable law or a...
安装linux工具源码 (UUI) Universal USB Installer ?009-2012 Lance http://www.pendrivelinux.com This Open Source tool falls under the GNU General Public License Version 2 Source Code is made available at...
Installing Apache for Linux/UNIX. . . . . . . . . . . . . . . . . . . . . . . . . . 32 Configuring Apache on Linux/UNIX. . . . . . . . . . . . . . . . . . . . . . 34 Starting and Connecting to Apache....
operating system, as well as its variant, the GNU/Linux operating system. Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a ...
operating system, as well as its variant, the GNU/Linux operating system. Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a ...
Table of Contents Preface, Notes, Licenses . . . . . . . . ....1. Licenses for Third-Party Components ....1.1. FindGTest.cmake License ....1.2. LPeg Library License ....1.3. LuaFileSystem Library License ....
Table of Contents 1. About Perl Training Australia....................................................................................................... 1 Training.......................................