Users and Groups
In a multiuser system, each user has a private space on the machine; typically, he owns some quota of the disk space to store files, receives private mail messages, and so on. The operating system must ensure that the private portion of a user space is visible only to its owner. In particular, it must ensure that no user can exploit a system application for the purpose of violating the private space of another user.
All users are identified by a unique number called the User ID, or UID. Usually only a restricted number of persons are allowed to make use of a computer system. When one of these users starts a working session, the system asks for a login name and a password. If the user does not input a valid pair, the system denies access. Because the password is assumed to be secret, the user’s privacy is ensured.
用户和用户组
在一个多用户系统中,每个用户有一个私有的空间,他拥有一些固定额度的硬盘空间用来存储文件,接受私有邮件消息等等;操作系统必须确保这个用户空间的私有部分仅对其所有者可见;
尤其是,它必须确保任何用户都不可以利用系统程序来达到侵犯其他用户隐私空间的目的。
所有用户通过叫用户ID/UID的唯一数字来识别。通常只允许有限数量的人使用计算机系统,当这些用户发起一个工作会话时,系统就会要求用户输入用户名和密码;如果如果用户输入的用户名和密码是非法的,那么系统就会拒绝访问;因为密码是保密的,所以用户的隐私就得到了保护。
To selectively share material with other users, each user is a member of one or more user groups, which are identified by a unique number called a user group ID. Each file is associated with exactly one group. For example, access can be set so the user owning the file has read and write privileges, the group has read-only privileges, and other users on the system are denied access to the file.
为了有选择的和其他用户共享资料,每个用户都是一个或几个用户组的成员,这个用户组通过一个被称为组ID的数字标识;每一个文件仅和一个用户组相关联;例如:设置一个文件的访问权限,使得这个文件的所有者具有读写权限,而组内其他用户有这个文件的只读权限,除此之外的其他人拒绝访问这个文件。
Any Unix-like operating system has a special user called root or superuser. The system administrator must log in as root to handle user accounts, perform maintenance tasks such as system backups and program upgrades, and so on. The root user can do almost everything, because the operating system does not apply the usual protection mechanisms to her. In particular, the root user can access every file on the system and can manipulate every running user program.
所有的类Unix操作系统都有一个特殊的用户叫root或者超级用户,系统管理员必须用root用户登录然后管理其他账户、进行诸如系统备份和程序升级等维护操作。root用户可以干所有的事情,因为操作系统并不会对其采用普通的保护机制,尤其要注意的是,root用户可以访问系统中的每一个文件而且可以对系统中运行的每一个用户进程进行所有操作。