UID exec Inheritance
Table
| ID | exec (set-user-ID bit off) | exec (set-user-ID bit on) |
|---|---|---|
| real user ID | unchanged | unchanged |
| effective user ID | unchanged | set from user ID of program file |
| saved set-user ID | copied from effective user ID | copied from effective user ID |
Explanation
- 如果
exec的檔案 set-user-ID bit 有開啟,則 effective UID 會被設為該檔案的 owner,否則則會繼承原 process 的 effective UID - 設定完 effective UID 後,kernel 會將 effective UID 的值複製給 saved set-UID
在呼叫 exec 前,應確認 effective UID 該改成 real UID,否則如果 process B 去 exec process C,而 process B 的 effective UID 是 B,則會變成 process C 的 effective UID 是 B,這不合理