 | | Each process executing on the system has associated with it two small integers called the real user ID number and the effective user ID number. The UNIX kernel uses these numbers to determine the process' access permissions, record accounting information, and so on. The real user ID always identifies the user executing the program, and is used for accounting purposes. Only the superuser may change his real user ID, thus becoming another user. The effective user ID is used to determine a process' access permissions. Normally, the effective user ID is equal to the real user ID. However, by changing its effective user ID, a process can gain the additional access permissions associated with the new user ID. It is possible for more than one login name to be associated with the same user ID, but as far as the operating system kernel is concerned, each user ID is unique and identifies one and only one person. Thus, the only purpose of multiple login names with the same user ID is to allow different people to access the same set of privileges with different passwords. | |
|