www.delorie.com/gnu/docs/glibc/libc_603.html   search  
 
Buy the book!


The GNU C Library

[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

29. Users and Groups

Every user who can log in on the system is identified by a unique number called the user ID. Each process has an effective user ID which says which user's access permissions it has.

Users are classified into groups for access control purposes. Each process has one or more group ID values which say which groups the process can use for access to files.

The effective user and group IDs of a process collectively form its persona. This determines which files the process can access. Normally, a process inherits its persona from the parent process, but under special circumstances a process can change its persona and thus change its access permissions.

Each file in the system also has a user ID and a group ID. Access control works by comparing the user and group IDs of the file with those of the running process.

The system keeps a database of all the registered users, and another database of all the defined groups. There are library functions you can use to examine these databases.

29.1 User and Group IDs  Each user has a unique numeric ID; likewise for groups.
29.2 The Persona of a Process  The user IDs and group IDs of a process.
29.3 Why Change the Persona of a Process?  Why a program might need to change its user and/or group IDs.
29.4 How an Application Can Change Persona  Changing the user and group IDs.
29.5 Reading the Persona of a Process  How to examine the user and group IDs.

29.6 Setting the User ID  Functions for setting the user ID.
29.7 Setting the Group IDs  Functions for setting the group IDs.

29.8 Enabling and Disabling Setuid Access  Turning setuid access on and off.
29.9 Setuid Program Example  The pertinent parts of one sample program.
29.10 Tips for Writing Setuid Programs  How to avoid granting unlimited access.

29.11 Identifying Who Logged In  Getting the name of the user who logged in, or of the real user ID of the current process.

29.12 The User Accounting Database  Keeping information about users and various actions in databases.

29.13 User Database  Functions and data structures for accessing the user database.
29.14 Group Database  Functions and data structures for accessing the group database.
29.15 User and Group Database Example  Example program showing the use of database inquiry functions.
29.16 Netgroup Database  Functions for accessing the netgroup database.


[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

  webmaster     delorie software   privacy  
  Copyright 2003   by The Free Software Foundation     Updated Jun 2003