服务器评测
access Function:
When we open a file, the kernel performs its access tests based on the effective user and group IDs. There are times when a process wants to test accessibility based on the real user and group IDs. This is useful when a process is running as someone else, using either the set-user-ID or the set-group-ID feature. Even though a process might beset-user-ID to root, it could still want to verify that the read user can access a given file. The access function bases its tests on the real user and group IDs.
- #include <fcntl.h>
- #include “apue.h”
- #include “my_err.h”
- int main(int argc, char* argv[])
- {
- if( argc != 2 )
- {
- err_quit(“usage: a .out <pathname>”);
- }
- if( access( argv[1], R_OK) < 0 )
- {
- err_ret(“access error for %s”, argv[1]);
- }
- else
- {
- printf(“read access ok\n”);
- }
- if( open( argv[1], O_RDONLY) < 0 )
- {
- err_ret(“open error for %s”, argv[1]);
- }
- else
- {
- printf(“open for reading OK\n”);
- }
- exit(0);
- }
说明:
a.out本来没有权限访问/etc/shadow文件,该文件只有root用户才有权限,但是我们把a.out改成root的文件,再增加S属性,虽然用的是普通的用户去执行root用户的文件,由于a.out 文件有S属性,所以,它的有效用户id还是root的id,也只有这样,a.out 才能访问/etc/shadow文件。
