Upload
kaliyah-studdard
View
215
Download
0
Embed Size (px)
Citation preview
http://codeschool.org/This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
Unix system calls (part 1)
• history and usage of Python• basic data types and the type hierarchy• syntax• modules and variable scopes
http://codeschool.org/This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
Unix system calls(part 1)
http://codeschool.org/This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
This is one part of a larger series. You may need to view previous parts to understand this material.
0x76 00 00 00system call 0
0x20 15 10 00system call 1
0x82 87 95 94system call 2
0xA2 22 00 10system call 3
0xFF 31 21 14system call 4
0xFF 31 01 11system call 5
0xFF 90 44 44system call 6
0xFF 31 01 11system call 7
… …
stack
code
heap
heap
heap
kernel code pages only accessible in system calls
jump to system call code via
special instruction
• processes• files• networking sockets• signals• inter-process communication• terminals• threads• I/O devices
process:address spaceuser idsfile descriptorsenvironmentcurrent and root directory
stack
heap
code
heap
stack
code
initialized data
heap
heap
kernel code
uninitialized data
global variables with initial values
global variables without initial values
stack
code
initialized data
heap
heap
kernel code
uninitialized data
a.k.a. the “text”
global variables with initial values
global variables without initial values
starts empty, grows automatically
explicitly allocated during execution
mmap(‘memory map’ pages to the process address space)
munmap(‘memory unmap’ pages from the process address space)
mmap(‘memory map’ pages to the process address space)
munmap(‘memory unmap’ pages from the process address space)
address = mmap(5000)… # do stuff with memory at addressmunmap(address)
stack
code
initialized data
heap
heap
kernel code
uninitialized data
heap
heap
mmap fails when not enough space
wait(block the process until child process terminates)
pid = fork()if pid == 0: // new (child) process exec(‘/games/pong’)else: // original (parent) process code = wait(pid)
TERM=xtermSHELL=/bin/bashUSER=greysMAIL=/var/mail/ted PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/binPWD=/home/tedEDITOR=vim
name=value
pid 1 (init), user 0
pid 85, user 8 pid 17, user 4
pid 24, user 33pid 230, user 8
pid 104, user 33
pid 34, user 4
pid 50, user 4
each process has three user ids:
each file and directory is owned by a single user
“real” id:the owning user
“effective” id:determines privileges
“saved” id:set by exec to match the effective id
exec (sets effective and saved ids when binary file has setuid bit)
seteuid (sets effective user id)
setuid (sets real, effective, and saved user ids)
exec (sets effective and saved ids when binary file has setuid bit)
seteuid (sets effective user id)
setuid (sets real, effective, and saved user ids)
non-superuser can only directly set effective id to match the real or saved id
user groups:
/etc/group
• user may belong to multiple groups but has one “primary” group• each file and directory is owned by one group• each process has a real, effective, and saved group id• binary files have setgid bit• setegid and setgid
rwx rwx rwxuser group other
if file_user_id == effective_user_id:user class
else if file_group_id == effective_group_id:group class
else:other
directory permissions:read: can get names of fileswrite: can add/remove/rename filesexecute: can use in file paths
directory permissions:read: can get names of fileswrite: can add/remove/rename filesexecute: can use in file paths
/adams/taft/garfield/eisenhower
directory permissions:read: can get names of fileswrite: can add/remove/rename filesexecute: can use in file paths
/adams/taft/garfield/eisenhower/adams/taft/ (OK)
r-xr-xr-xrw-r-----r-x--x--xrwx------
/adams/lincoln/adams/cleveland/roosevelt/fillmore
rwx rwx rwxuser group other