Privileges associated with a file
For every executable file there may be
a set of privileges that are acquired
when that program is executed via an exec system call.
This set of privileges is known as
fixed privileges:
they are always given to the
new program, independent of the privileges of
the parent or calling-process.
Each executable file can have
two sets of privileges associated with it
that are propagated
when that program is executed via an exec system call:
-
Fixed privileges are always given to the
new program, independent of the calling or parent
process's privileges.
-
Inheritable privileges will exist in the new program
only if they existed in the previous program.
Inheritable privileges are given to the new program
only if they exist in the calling process's privilege set;
inheritable privileges
are only used by the LPM privilege module,
not by the SUM privilege module
(see
``Privileges'').
These sets are disjoint, that is,
a privilege can not be defined
as both fixed and inheritable for the same file.
If an executable file does not
require any privileges then
this set is empty.
CAUTION:
Privileges associated with a file
are removed when the validity information
for the file changes
(for example,
when the file is opened for writing or
when the modes of the file change).
This removes the file from the
Trusted Computing Base;
the privileges must be set again
in order for the command to run with privilege.
Next topic:
Manipulating file privileges
Previous topic:
Privileges
© 2005 The SCO Group, Inc. All rights reserved.
SCO OpenServer Release 6.0.0 -- 02 June 2005