Unlock instant, AI-driven research and patent intelligence for your innovation.

Method for defining application program authority based on Linux system and electronic device

An application, system-defined technology, applied in the field of Linux operating system, which can solve the problem of inability to accurately control application access rights or execution rights.

Inactive Publication Date: 2019-02-12
SHENZHEN DIANMAO TECH CO LTD
View PDF4 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] In view of the above-mentioned deficiencies in the prior art, the purpose of the present invention is to provide a method and electronic device for defining application program permissions based on the Linux system, aiming to solve the problem in the prior art that the access authority or execution authority of the application program cannot be accurately controlled

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for defining application program authority based on Linux system and electronic device
  • Method for defining application program authority based on Linux system and electronic device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] The present invention provides a method for defining application program permissions based on a Linux system, and an electronic device. In order to make the purpose, technical solution and effect of the present invention clearer and clearer, the present invention will be further described in detail below. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0035] see figure 1 , a method for defining application permissions based on a Linux system, comprising steps:

[0036] S1, adding the files accessible to the application to the whitelist through the namespace provided by the Linux system kernel in advance, and adding the files inaccessible to the application to the blacklist;

[0037] S2. Add executable system calls of the application program to the whitelist and add system calls not executable by the application program to the blacklist through system computing pr...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for defining the application program authority based on a Linux system and an electronic device. The method comprises the following steps of: adding the files accessible to application program into white list through namespace provided by the Linux system kernel in advance, and adding the files inaccessible to application program into a blacklist; adding the systemcall executable by an application program to the white list through a system calculation provided by a Linux system kernel, and adding a system call unexecutable by the application program to the blacklist, so that the application is prevented from accessing files in the blacklist or making system calls in the blacklist, even with the highest permissions, and accordingly, the users can accuratelycontrol files that are accessible and inaccessible to your application, as well as system calls that are not executable by the application and system calls that are executable.

Description

technical field [0001] The invention relates to the field of Linux operating systems, in particular to a method and electronic equipment for defining application program permissions based on the Linux system. Background technique [0002] Currently, in the Linux system, not only application programs can access process information, but also application programs can directly access system files of the Linux system. For example, direct access to the control panel and more. [0003] For security, scholars propose a method to define permission access. Specifically, when application A obtains system permissions, then application A can access system files or access process information of other applications; on the contrary, when application B does not obtain system permissions, then application B cannot Access system files or access process information for other applications. [0004] Although this method is simple and effective, this traditional permission control method only s...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/60
CPCG06F21/604G06F2221/2141
Inventor 李天驰孙悦黎龙宇李立强
Owner SHENZHEN DIANMAO TECH CO LTD