Privileges associated with a process
After a fork,
the privileges of the parent and child processes are identical.
However, when an exec system call is performed,
the privileges of the new program are determined
from those of the program performing the exec and
from the privileges associated with the executable file.
Each process has three sets of privileges:
-
The maximum set contains all the privileges granted to
the process.
-
The working set contains all the privileges currently being used by the process.
-
The saved set contains all privileges acquired by executing files
with fixed privileges.
How the privileges for a new process are determined is
specific to the privilege (policy) module installed.
Next topic:
Manipulating process privileges
Previous topic:
Retrieving file privileges
© 2005 The SCO Group, Inc. All rights reserved.
SCO OpenServer Release 6.0.0 -- 02 June 2005