os.getuid()和os.geteuid()有什么区别? [英] What is difference between os.getuid() and os.geteuid()?

问题描述

os.getuid()的文档说:

返回当前进程的用户ID.

Return the current process’s user id.

而os.geteuid()说:

返回当前进程的有效用户ID.

Return the current process’s effective user id.

那么用户ID 和有效用户ID 有什么区别?

对我来说，两者的工作原理相同((在2.x和3.x上) .我正在用它来检查脚本是否正在以root身份运行.

For me both works same (on both 2.x and 3.x). I am using it to check if script is being run as root.

推荐答案

要了解os.getuid和os.geteuid的不同之处，您需要了解它们不是Python特定的功能(除了os模块之外)字首).这些功能包装了getuid和geteuid系统调用，这些调用实际上由所有类似Unix的操作系统提供.

To understand how os.getuid and os.geteuid differ, you need to understand that they're are not Python specific functions (other than the os module prefix). Those functions are wrapping the getuid and geteuid system calls that are provided by essentially all Unix-like operating systems.

因此，您应该查看操作系统的文档，而不是查看Python文档(可能不会提供很多详细信息). 此处是Linux的相关文档， 例如. Wikipedia也有很好的有关Unix用户ID的文章.

So, rather than looking at Python docs (which are not likely to give a lot of details), you should look at the docs for your operating system. Here is the relevant documentation for Linux, for example. Wikipedia also has a good article on Unix User IDs.

常规UID和有效UID之间的区别在于，当您执行需要特殊访问的操作(例如，读取或写入文件或进行某些系统调用)时，仅检查EUID. UID指示执行该操作的实际用户，但是(通常)在检查权限时不考虑该用户.在正常程序中，它们将是相同的.某些程序会更改其EUID，以允许其执行的操作增加或减少.较小的数字也会更改其UID，以有效地成为"另一个用户.

The difference between the regular UID and the Effective UID is that only the EUID is checked when you do something that requires special access (such as reading or writing a file, or making certain system calls). The UID indicates the actual user who is performing the action, but it is (usually) not considered when examining permissions. In normal programs they will be the same. Some programs change their EUID to add or subtract from the actions they are allowed to take. A smaller number also change their UID, to effectively "become" another user.

这是一个更改EUID的程序示例:passwd程序(用于更改密码)必须写入系统密码文件，该文件由root用户拥有.普通用户无法写入该文件，因为如果可以，他们也可以更改其他人的密码.为解决此问题，passwd程序的文件许可权(称为setuid bit)中设置了一个位，用于向OS指示应使用程序所有者的EUID(例如，root)运行它，即使在它由另一个用户启动.然后，passwd程序会将其UID视为启动用户，并将其EUID视为根用户.写入系统密码文件需要授予EUID特权. UID也很有用，因为passwd需要知道要为其更改密码的用户.

Here's an example a program that changes its EUID: The passwd program (which is used to change your password) must write to the system's password file, which is owned by the root user. Regular users can't write to that file, since if they could, they could change everyone else's password too. To resolve this, the passwd program has a bit set in its file permissions (known as the setuid bit) that indicates to the OS that it should be run with the EUID of the program's owner (e.g. root) even when it is launched by another user. The passwd program would then see its UID as the launching user, and its EUID as root. Writing to the system password file requires the EUID to be privileged. The UID is useful too, since passwd needs to know which user it's changing the password for.

在其他一些情况下，UID和EUID不匹配，但是它们不太常见.例如，以超级用户身份运行的文件服务器可能会更改其EUID以匹配正在请求某些文件操作的特定用户.使用用户的EUID，服务器可以避免访问不允许用户触摸的内容.

There are a few other cases where the UID and EUID won't match, but they're not too common. For instance, a file server running as the super user might change its EUID to match a specific user who is requesting some file manipulations. Using the user's EUID allows the server to avoid accessing things that the user is not allowed to touch.

这篇关于os.getuid()和os.geteuid()有什么区别?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！