Another common approach is to start a program with privileges, which then forks a second process that gives up all privileges and then does most of the work.
另一个常见的方法是,使用特权启动一个程序,这个程序然后派生放弃所有特权的第二个进程,而由这个进程来做大部分工作。
With static SQL, users only receive privileges to execute the output of the bind process, known as the package.
对于静态SQL,用户仅接收权限来执行绑定过程的输出,也称为程序包。
By design, the module lives in the IIS process and runs under the system account with administrative privileges. This account cannot be modified by developers and system administrators.
按设计这个模块被放在IIS进程中,运行在带有管理员权限的系统帐户下,该账户不能有编程人员和系统管理员修改。
The process needs special authority, which is given by these privileges.
该进程需要由这些权限提供的特殊授权。
With static SQL, users only receive privileges to execute the output of the bind process, known as the package, and that package contains the SQL statements.
使用静态SQL,用户仅收到执行绑定进程输出(称为包)的权限,并且该包包含sql语句。
For example, you could have a small "server" process that has special privileges; that server allows only certain requests, and only after verifying that the requester is allowed to make the request.
例如,您可以有一个具有特定特权的小的“服务器(server)”进程;那个服务器只允许特定的请求,而且只是在确认请求者被允许发出请求之后。
Similarly, a setgid process runs with the privileges associated with the group owner of the file.
类似地,一个setgid进程是用与文件的组所有者相关联的权限运行的。
An exception to this inheritance rule, where a process might acquire greater privileges than its owner, is an application with the special setuid or setgid bit enabled, as shown by ls.
这一继承规则有一个例外情况,即应用程序启用了特殊的setuid或setgid位,如ls显示的那样,在此情况下,某个进程可能会获得比其所有者更高的权限。
A setuid process, such as launching top, runs with the privileges of the user who owns the file.
一个setuid进程(如启动top)是用拥有该文件的用户权限运行的。
For example, if the SECADM needs to alter the privileges for the branch in New York, she can alter the definition for the role without having to replicate the process for all users.
例如,如果SECADM需要修改NewYork分公司的特权,那么她可以修改角色的定义,而不必为所有用户重复该过程。
One approach is to run as root, open the privileged port as soon as possible, and then permanently drop root privileges (including any privileged groups the process belongs to).
一个方法是以root 身份运行,尽可能快地打开需要特权的端 口,然后永久去除 root特权(包括进程所属的任何有特权的组)。
With the Shared Model architecture, changes made in one process element are (depending on access privileges) immediately visible and accessible to other process elements.
借助SharedModel架构,在一个流程元素内所作的更改会(根据访问权限)立即可见并可由其他流程元素访问。
The truss command can either execute a specified command or attach to an existing process to produce a trace (assuming that you own the running process or have root privileges).
truss命令既可以执行指定的命令,也可以附加到现有的进程上生成跟踪(假设您拥有这个正在运行的进程或者具有根特权)。
The truss command can either execute a specified command or attach to an existing process to produce a trace (assuming that you own the running process or have root privileges).
truss命令既可以执行指定的命令,也可以附加到现有的进程上生成跟踪(假设您拥有这个正在运行的进程或者具有根特权)。
应用推荐