[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN108595944B - Method for realizing UID uniqueness of user based on L inux system - Google Patents

Method for realizing UID uniqueness of user based on L inux system Download PDF

Info

Publication number
CN108595944B
CN108595944B CN201810256189.9A CN201810256189A CN108595944B CN 108595944 B CN108595944 B CN 108595944B CN 201810256189 A CN201810256189 A CN 201810256189A CN 108595944 B CN108595944 B CN 108595944B
Authority
CN
China
Prior art keywords
user
uid
list database
value
user uid
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810256189.9A
Other languages
Chinese (zh)
Other versions
CN108595944A (en
Inventor
王玉成
姬一文
杨诏钧
宋川飞
杨钊
张铎
魏立峰
孔金珠
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Kirin Software Co Ltd
Original Assignee
Kirin Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Kirin Software Co Ltd filed Critical Kirin Software Co Ltd
Priority to CN201810256189.9A priority Critical patent/CN108595944B/en
Publication of CN108595944A publication Critical patent/CN108595944A/en
Application granted granted Critical
Publication of CN108595944B publication Critical patent/CN108595944B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

A method for realizing UID uniqueness of a user based on L inux system includes but is not limited to a step of judging whether a pre-used UID value is added in a process of creating the user and/or a process of modifying the user, wherein the step of judging whether the pre-used UID value is appointed or not, if the pre-used UID value is appointed, judging whether the appointed value is used or not, if the pre-used UID value is not used, the value is used, if the pre-used UID value is used, the user exits, and if the pre-used UID value is not appointed, an unused UID value is searched in a UID value range allowed by the system to be used.

Description

Method for realizing UID uniqueness of user based on L inux system
Technical Field
The invention belongs to the technical field of operating systems, and particularly relates to a method for realizing UID uniqueness of a user based on an L inux system.
Background
L inux system, all users needing to enter the system need to establish account number, each account number has user name, UID, GID, user main directory information, etc., which are generally stored in system password file/etc/password.
L inux system each file has an owner indicating who the file was created, and a group number indicating the group to which the file belongs, typically the group to which the file owner belongs.
If the deleted user's home directory or other files are not deleted at the same time when the user is deleted, the user of the newly created same UID can access the files, thereby causing user data leakage.
The prior art only considers that the UID of a new user cannot be the same as the UID of the existing user of the system, and does not consider the problem of reusing all used UIDs.
The invention discloses a method and a device for checking user uniqueness (application number CN 201510053974.0). The invention provides a method and a device for checking user uniqueness, the method is applied to a first service board card of a card-inserting type device, the first service board card is connected with a main control board card, the main control board card is connected with a second service board card, and the method comprises the following steps: acquiring a user ID of a user requesting login; adding the user ID to a first logged-in list when the user ID is not local; sending a login success message to a main control board card so that the main control board card forwards the login success message to the second service board card, wherein the login success message comprises the address of the first service board card and the user ID; and when a detection failure message fed back by the second service board card according to the login success message and forwarded by the main control board card is received, confirming that the user does not have uniqueness. Therefore, users without uniqueness can be eliminated, and the information security of the card-inserting type equipment is improved. The method can be only used for card-inserting equipment, and simultaneously, the method only considers the uniqueness that users with the same ID can only log in on one card at the same time, and does not consider the problem of reusing the user ID.
The invention discloses an application program starting method and system for improving the security of an embedded L inux kernel (application number CN200810096083.3), and provides the application program starting method and system for improving the security of the embedded L inux kernel by issuing super user authority.
Disclosure of Invention
In view of this, the present invention provides a method for implementing user UID uniqueness based on L inux system to solve the defects and shortcomings existing in the prior art, which can keep the UID unique in the whole life cycle of the operating system, protect user data security, and avoid the problem of data leakage caused by UID reuse.
In order to solve the technical problem, the invention discloses a method for realizing UID uniqueness of a user based on an L inux system, and the method is realized by adopting the following technical scheme.
A method for realizing user UID uniqueness based on L inux system includes judging whether a pre-used UID value is assigned or not, judging whether the assigned value is used if it is, if not, using the value, if it is, quitting, if not, searching an unused UID value in UID value range allowed by system for use.
Further, the specific step of creating the user flow, which is added with the step of determining the pre-used UID value, includes:
s11: ensuring that a user UID list database exists;
s12: determining whether a user UID is specified; if so, entering the next step; if not, skipping the next step, and entering S14;
s13: judging whether the specified user UID is in the user UID list database:
if so, quitting if the user UID is used; if not, create an account using the user UID and proceed to S15;
s14: finding a UID which is not used and is not in the UID list database of the user in the range of UIDs allowed by the system to create an account;
s15: and writing the UID of the created account number into the user UID list database.
Further, the specific content of S11 is: judging whether the user UID list database exists or not; if not, generating a used user UID list according to the system password file, storing the used user UID list in a user UID list database, and entering the next step; if so, go directly to the next step.
Further, the specific step of S14 includes:
s141: setting the user UID to a system-allowed UID minimum;
s142: judging whether the value of the user UID is in the user UID list database;
if not, the process proceeds to S143; if so, go to S144;
s143: creating an account using the current UID value;
s144: judging whether the current UID value exceeds the maximum UID value allowed by the system, and if so, directly exiting; if not, the current UID is incremented by 1 and S141 is entered.
Further, the specific step of modifying the user flow, which adds the step of determining the pre-used UID value, includes:
s21: ensuring that the user UID list database exists;
s22: judging whether the value of the user UID which is pre-modified is in the user UID list database; if so, the value has already been used; if not, entering the next step;
s23: modifying the current user UID to the value;
s24: and writing the modified user UID into the user UID list database.
A computer readable storage medium storing a computer program which when executed by a processor implements the steps of a method of implementing user UID uniqueness as claimed in any one of the above.
An apparatus for implementing user UID uniqueness based on L inux system, comprising a memory, a processor and a computer program stored in the memory and executable on the processor, wherein the processor, when executing the computer program, implements the steps of the method for implementing user UID uniqueness as described in any one of the above.
Compared with the prior art, the invention can obtain the following technical effects: the UID can be kept unique in the whole life cycle of the operating system, the safety of user data is protected, and the problem of data leakage caused by UID reuse is avoided.
Of course, it is not necessary for any one product in which the invention is practiced to achieve all of the above-described technical effects simultaneously.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the invention and not to limit the invention. In the drawings:
fig. 1 is a flow diagram illustrating the uniqueness of a user UID when the L inux system creates the user according to an embodiment of the present invention.
Fig. 2 is a schematic flow chart of the L inux system for realizing user UID uniqueness when modifying the user UID according to an embodiment of the present invention.
Detailed Description
The following detailed description of the embodiments of the present invention will be provided with reference to the accompanying drawings and examples, so that how to implement the embodiments of the present invention by using technical means to solve the technical problems and achieve the technical effects can be fully understood and implemented.
A method for realizing UID uniqueness of a user based on an L inux system comprises creating a user flow and modifying the user flow.
Creating a user flow as shown in fig. 1, the steps include:
s101: judging whether a user UID list database exists or not; if not, generating a used user UID list according to the system password file/etc/password, storing the used user UID list in a user UID list database, and entering the next step; if yes, entering the next step;
s102: a system administrator starts to create a user and judges whether a user UID is appointed or not; if so, entering the next step; if not, skipping the next step and entering S104;
s103: judging whether the specified UID is in a user UID list database: if the appointed UID is in the UID list database of the user, prompting that the UID is used, and directly quitting; if the specified UID is not in the user UID list database, create an account using the UID and proceed to S105;
s104: if the UID of the user is not specified, the user creating program searches an UID which is not used by the existing user of the system and is not in the UID list database of the user from the minimum value to the user in a mode of increasing 1, and distributes the UID to the user, and the UID is used for creating an account;
the detailed steps of the step are as follows:
s1041: setting the UID to the minimum UID allowed by the system;
s1042: judging whether the UID is not in the UID list database of the user; if not, the process goes to S1043; if yes, entering S1044;
s1043: creating a user using the previously found UID;
s1044: judging whether the UID does not exceed the maximum UID allowed by the system, and if so, directly exiting; if not, UID is increased by 1 and S1041 is entered.
S105: and after the user is successfully created, writing the new user UID into the user UID list database.
Modifying the user flow as shown in fig. 2, the steps include:
s201: judging whether a user UID list database exists or not, if not, generating a used user UID list according to the system password file/etc/password, storing the used user UID list in the user UID list database, and entering S202; if yes, directly entering S202;
s202: when a system administrator modifies the user UID, firstly judging whether the specified user UID is in a user UID list database; if yes, the process goes to S203; if not, entering S204;
s203: prompting that the UID is used and directly quitting;
s204: modifying the current user UID to be the appointed UID;
s205: and after the account is successfully modified, writing the UID appointed when the account is modified into the user UID list database.
The invention has the beneficial effects that: the UID can be kept unique in the whole life cycle of the operating system, the safety of user data is protected, and the problem of data leakage caused by UID reuse is avoided.
The method for implementing uniqueness of user UID based on L inux system provided by the embodiment of the present invention is described in detail above, the description of the above embodiment is only for helping understanding the method of the present invention and its core idea, meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be changes in the specific implementation and application scope, and in summary, the content of the present description should not be understood as a limitation to the present invention.
As used in the specification and claims, certain terms are used to refer to particular components or modules. As one skilled in the art will appreciate, different mechanisms may refer to a same component or module by different names. This specification and claims do not intend to distinguish between components that differ in name but not function. In the following description and in the claims, the terms "include" and "comprise" are used in an open-ended fashion, and thus should be interpreted to mean "include, but not limited to. "substantially" means within an acceptable error range, and a person skilled in the art can solve the technical problem within a certain error range to substantially achieve the technical effect. The following description is of the preferred embodiment for carrying out the invention, and is made for the purpose of illustrating the general principles of the invention and not for the purpose of limiting the scope of the invention. The scope of the present invention is defined by the appended claims.
It is also noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a good or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such good or system. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a commodity or system that includes the element.
While the foregoing description shows and describes several preferred embodiments of the invention, it is to be understood, as noted above, that the invention is not limited to the forms disclosed herein, but is not intended to be exhaustive of other embodiments, and is capable of use in various other combinations, modifications, and environments and is capable of changes within the scope of the inventive concept as expressed herein, commensurate with the above teachings, or the skill or knowledge of the relevant art. And that modifications and variations may be effected by those skilled in the art without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (6)

1. A method for achieving uniqueness of a user UID based on a L inux system is characterized by comprising a judging step of adding a pre-used UID value in a user creating process and/or a user modifying process, a step of ensuring existence of a user UID list database, a step of judging whether the user UID value is designated in the user creating process or not, a step of entering the next step if the user UID list database is not designated in the user creating process, a step of entering S13 if the user UID list database is not designated in the user UID list database, a step of judging whether the designated user UID is in the user UID list database or not, a step of exiting the user UID if the user UID value is in the user UID list database if the user UID value is in the user creating process, a step of creating an account by using the user UID and entering S14 if the user UID is not designated in the user UID list database, a step of finding an account which is not used and is not in the user UID list database to create an account, a step of writing 5631 of writing the UID number of the user UID list database into the user UID list database, and a step of writing the user UID value in the user UID list database after the user UID list is modified in the user creating process, and a step of not modifying the user UID list database is judged that the user 22, and the user is not corrected in the user.
2. The L inux system-based method for realizing uniqueness of user UID according to claim 1, wherein the method comprises determining whether the UID list database exists, if not, generating a used UID list according to a system password file, storing the used UID list in the UID list database, entering the next step, and if so, directly entering the next step.
3. The L inux system-based method for realizing UID uniqueness of a user according to claim 1 or 2, wherein the specific steps of S13 include:
s131: setting the user UID to a system-allowed UID minimum;
s132: judging whether the value of the user UID is in the user UID list database; if not, the process proceeds to S133; if yes, the process goes to S134;
s133: creating an account using the current UID value;
s134: judging whether the current UID value exceeds the maximum UID value allowed by the system, and if so, directly exiting; if not, the current UID is self-increased by 1 and the process proceeds to S131.
4. The L inux system-based method for realizing UID uniqueness for users according to claim 1, further comprising modifying a user flow, wherein the step of modifying the user flow comprises:
s21: ensuring that the user UID list database exists;
s22: judging whether the value of the user UID which is pre-modified is in the user UID list database; if so, the value has already been used; if not, entering the next step;
s23: modifying the current user UID to the value;
s24: and writing the modified user UID into the user UID list database.
5. A computer-readable storage medium storing a computer program, characterized in that: the computer program when executed by a processor implementing the steps of a method of implementing user UID uniqueness as claimed in claim 1 or 2.
6. An apparatus for implementing uniqueness of a user UID based on an L inux system, comprising a memory, a processor and a computer program stored in the memory and operable on the processor, wherein the processor, when executing the computer program, implements the steps of the method for implementing uniqueness of a user UID as claimed in claim 1 or 2.
CN201810256189.9A 2018-03-27 2018-03-27 Method for realizing UID uniqueness of user based on L inux system Active CN108595944B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810256189.9A CN108595944B (en) 2018-03-27 2018-03-27 Method for realizing UID uniqueness of user based on L inux system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810256189.9A CN108595944B (en) 2018-03-27 2018-03-27 Method for realizing UID uniqueness of user based on L inux system

Publications (2)

Publication Number Publication Date
CN108595944A CN108595944A (en) 2018-09-28
CN108595944B true CN108595944B (en) 2020-07-10

Family

ID=63624729

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810256189.9A Active CN108595944B (en) 2018-03-27 2018-03-27 Method for realizing UID uniqueness of user based on L inux system

Country Status (1)

Country Link
CN (1) CN108595944B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112487372A (en) * 2020-10-30 2021-03-12 南京富士通南大软件技术有限公司 Linux system-based method for realizing UID uniqueness of user
CN114780292A (en) * 2022-04-19 2022-07-22 北京凝思软件股份有限公司 Linux-based user identifier uniqueness realization method, device, equipment and medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105069375A (en) * 2015-08-14 2015-11-18 上海柏楚电子科技有限公司 Database-based embedded system encryption method
CN105653960A (en) * 2015-12-31 2016-06-08 北京元心科技有限公司 Linux capability distribution method and device
CN105786551A (en) * 2014-12-26 2016-07-20 北京元心科技有限公司 Application program operation access control method and system
CN108536448A (en) * 2018-03-21 2018-09-14 江苏长顺江波软件科技发展有限公司 A method of modification windows operating systems SID

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100915803B1 (en) * 2006-12-05 2009-09-07 한국전자통신연구원 Application Program Launching Method and System for Improving Security of Embedded Linux Kernel
US8650658B2 (en) * 2010-10-25 2014-02-11 Openpeak Inc. Creating distinct user spaces through user identifiers
KR101308351B1 (en) * 2012-02-24 2013-09-17 주식회사 팬택 Terminal and method for assigning a permission to application
CN103886270A (en) * 2014-03-31 2014-06-25 宇龙计算机通信科技(深圳)有限公司 Terminal and method for improving system safety
CN106775951A (en) * 2016-12-29 2017-05-31 北京奇虎科技有限公司 A kind of operation management method and device of Android application

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105786551A (en) * 2014-12-26 2016-07-20 北京元心科技有限公司 Application program operation access control method and system
CN105069375A (en) * 2015-08-14 2015-11-18 上海柏楚电子科技有限公司 Database-based embedded system encryption method
CN105653960A (en) * 2015-12-31 2016-06-08 北京元心科技有限公司 Linux capability distribution method and device
CN108536448A (en) * 2018-03-21 2018-09-14 江苏长顺江波软件科技发展有限公司 A method of modification windows operating systems SID

Also Published As

Publication number Publication date
CN108595944A (en) 2018-09-28

Similar Documents

Publication Publication Date Title
CN103826215B (en) A kind of method and apparatus for carrying out Root authority management on the terminal device
CN107733847B (en) Method and device for platform login website, computer equipment and readable storage medium
CN111343142A (en) Data processing method and device based on block chain network and storage medium
CN105101196A (en) User account management method and device
CN110278192B (en) Method and device for accessing intranet by extranet, computer equipment and readable storage medium
CN110417730B (en) Unified access method of multiple application programs and related equipment
US8365245B2 (en) Previous password based authentication
US20160187827A1 (en) Methods and systems for determining authenticity of a consumable product
CN108595944B (en) Method for realizing UID uniqueness of user based on L inux system
CN106470247B (en) Domain name agency of trademark registration method and apparatus
US8468596B2 (en) Work support apparatus for information processing device
CN110677391B (en) Third-party link verification method based on URL Scheme technology and related equipment
US20100225950A1 (en) Image forming apparatus and method
CN112434054A (en) Audit log updating method and device
WO2015113351A1 (en) Information processing method, terminal and server, and communication method and system
CN109829321B (en) Method, device, equipment and storage medium for authenticating identity
US10255010B2 (en) Image forming system
CN112804222B (en) Data transmission method, device, equipment and storage medium based on cloud deployment
CN113468276A (en) Trusted data acquisition method and device of on-chain prediction machine and electronic equipment
CN112637231A (en) Authorization method, authorization device, storage medium and server
CN116743472A (en) Resource access method, device, equipment and medium
CN112464225B (en) Request processing method, request processing device and computer readable storage medium
CN111680279B (en) Login verification method, device and system
CN114048457A (en) Multi-platform user relationship creation method, device, system and storage medium
CN109996228B (en) Information processing method and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB03 Change of inventor or designer information
CB03 Change of inventor or designer information

Inventor after: Wang Yucheng

Inventor after: Ji Yiwen

Inventor after: Yang Zhaojun

Inventor after: Song Chuanfei

Inventor after: Yang Zhao

Inventor after: Zhang Duo

Inventor after: Wei Lifeng

Inventor after: Kong Jinzhu

Inventor before: Wang Yucheng

Inventor before: Ji Yiwen

Inventor before: Yang Zhaojun

Inventor before: Song Chuanfei

Inventor before: Yang Zhao

Inventor before: Zhang Duo

Inventor before: Wei Lifeng

Inventor before: Kong Jinzhu

Inventor before: Wu Qingbo

CB02 Change of applicant information
CB02 Change of applicant information

Address after: 300450 6-8 / F, building 3, Xin'an venture Plaza, Tanggu Marine Science Park, Binhai high tech Zone, Binhai New Area, Tianjin

Applicant after: Kirin Software Co.,Ltd.

Address before: 300457 6-8 / F, building 3, Xin'an venture Plaza, Tanggu Marine Science Park, Binhai New Area, Tianjin

Applicant before: TIANJIN KYLIN INFORMATION TECHNOLOGY Co.,Ltd.

GR01 Patent grant
GR01 Patent grant