<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
<TITLE>Secure Programming for Linux HOWTO: Linux �$B$N%;%-%e%j%F%#5!G=$K$D$$$F$N35MW�(B</TITLE>
<LINK HREF="Secure-Programs-HOWTO-4.html" REL=next>
<LINK HREF="Secure-Programs-HOWTO-2.html" REL=previous>
<LINK HREF="Secure-Programs-HOWTO.html#toc3" REL=contents>
</HEAD>
<BODY>
<A HREF="Secure-Programs-HOWTO-4.html">�$B<!$N%Z!<%8�(B</A>
<A HREF="Secure-Programs-HOWTO-2.html">�$BA0$N%Z!<%8�(B</A>
<A HREF="Secure-Programs-HOWTO.html#toc3">�$BL\<!$X�(B</A>
<HR>
<H2><A NAME="s3">3. Linux �$B$N%;%-%e%j%F%#5!G=$K$D$$$F$N35MW�(B</A></H2>
<P>Linux �$B$N%;%-%e%j%F%#5!G=$K$D$$$F$N%,%$%I%i%$%s$r8!F$$9$kA0$K!"%W%m%0%i%^�(B
�$B$N4QE@$G$=$l$i$N5!G=$rM}2r$7$F$*$-$^$7$g$&!#�(B
�$B$3$N%;%/%7%g%s$G$O$=$l$i$N5!G=$K$D$$$F354Q$7$^$9!#$9$G$KM}2r$5$l$F$$$k>l9g�(B
�$B$OFI$_Ht$P$7$F$/$@$5$$!#�(B
<P>�$B%W%m%0%i%_%s%0!&%,%$%I$NB?$/$O!"�(BLinux �$B$N%;%-%e%j%F%#4XO"$N9`L\$r7Z$/�(B
�$B:Q$^$7$F$7$^$$!"Bg@Z$J>pJs$r>J$$$F$7$^$C$F$$$^$9!#�(B
�$BFC$K!V$I$&$d$C$F;HMQ$9$k$N$+!W$r$+$$$D$^$s$G@bL@$9$k>l9g$,B?$/!"�(B
�$B$=$N5!G=$r;HMQ$9$k$3$H$K$h$C$F@8$8$k%;%-%e%j%F%#>e$NLdBj$K$D$$$F$O!"�(B
�$B$&$o$Y$N@bL@$K$7$+9T$C$F$$$^$;$s!#�(B
�$B5U$K8D!9$N5!G=$K$D$$$F$O!"%^%K%e%"%k$N3:Ev$9$k%Z!<%8$K>\:Y$J>pJs$,$?$/$5$s�(B
�$B=q$+$l$F$$$^$9!#$7$+$7!"%^%K%e%"%k%Z!<%8$N5-=R$O>\:Y$9$.$FA4BNA|$NGD0.$r�(B
�$B:$Fq$K$7$,$A$G$9!#�(B
�$B$3$N%;%/%7%g%s$G$O!"$=$N%.%c%C%W$rKd$a$h$&$H;W$$$^$9!#%W%m%0%i%^$,;H$$$=$&�(B
�$B$J�(B Linux �$B$K$*$1$k%;%-%e%j%F%#$N$7$/$_$r354Q$7$^$9!#�(B
�$B0lHLE*$J%W%m%0%i%_%s%0!&%,%$%I$h$j$b$&>/$7?<$/%;%-%e%j%F%#$K4X$9$k;v9`$K�(B
�$B>GE@$rEv$F!"$5$i$K>\:Y$J>pJs$,F@$i$l$k$h$&!";29MJ88%$r$"$2$?$$$H;W$$$^$9!#�(B
UNIX �$B$G%W%m%0%i%_%s%0$r$5$l$?J}!9$K$H$C$F$O!"$9$G$K$*$J$8$_$N$3$H$G$9$,!"�(B
Linux �$B$G3HD%$5$l$?5!G=$d8GM-$N5!G=$b$$$/$D$+$"$j$^$9!#$=$N5!G=$K$S$C$/$j�(B
�$B$9$k$+$b$7$l$^$;$s!#�(B
�$B$3$N%;%/%7%g%s$G$O$=$l$i$NAj0cE@$rL@$i$+$K$7$F$$$-$^$9!#�(B
<P>�$B$^$:$O4pK\E*$J$H$3$m$+$i!#�(B
�$BK\Mh�(B Linux �$B$H$O�(B 2 �$B$D$NItJ,$+$i@.$jN)$C$F$$$F!"$=$l$>$l�(B Linux �$B%+!<%M%k�(B
(�$B5Z$S%+!<%M%k!&%b%8%e!<%k�(B)�$B$H!V%f!<%6!<6u4V!W$H8F$P$l$F$$$^$9!#%f!<%66u4V$O�(B
�$B%+!<%M%k>e$K$"$j!"$=$3$GMM!9$J%W%m%0%i%`$,F0$$$F$$$^$9!#�(B
�$B%f!<%6$,%m%0%$%s$9$k$H!"%f!<%6L>$O$=$N%f!<%6$,B0$7$F$$$k�(B uid(�$B%f!<%6�(B ID)�$B$H�(B
gid(�$B%0%k!<%W�(B ID)�$B$rI=$9@0?tCM$K3d$jEv$F$i$l$^$9!#�(B
uid �$B$,�(B 0 �$B$N%f!<%6$OFCJL$J8"8B�(B(�$BLr3d�(B)�$B$r;}$C$F$$$F!"!V�(Broot�$B!W$H8@$o$l$F$$$^$9!#�(B
root �$B$O%;%-%e%j%F%#!&%A%'%C%/$r$[$H$s$I<u$1$k$3$H$,$J$/!"%7%9%F%`4IM}$r�(B
�$B9T$&>l9g$K;HMQ$5$l$k%f!<%6$G$9!#�(B
�$B%;%-%e%j%F%#$+$i8+$FM#0l!VBP>]!W$H$J$k$b$N!"$=$l$,%W%m%;%9$G$9�(B(�$B$D$^$j!"�(B
�$B$$$m$$$m$J$3$H$r<B9T$7$F$$$k@5BN$O!"%W%m%;%9$=$N$b$N$J$N$G$9�(B)�$B!#�(B
�$B%W%m%;%9$OMM!9$J%G!<%?$K%"%/%;%9$7$^$9!#$=$l$O%U%!%$%k%7%9%F%`�(B(FSO)�$B$G�(B
�$B$"$C$?$j!"�(BSystem V �$B$N%W%m%;%94VDL?.�(B(IPC)�$B$G$"$C$?$j!"%M%C%H%o!<%/!&%]!<%H�(B
�$B$G$"$C$?$j$7$^$9!#�(B
�$B$b$&>/$7$3$NE@$K$D$$$F!">\$7$/8+$F$$$/$3$H$K$7$^$7$g$&!#�(B
<H2><A NAME="ss3.1">3.1 �$B%W%m%;%9$H$O�(B</A>
</H2>
<P>Linux �$B$G$O%f!<%6!&%l%Y%k$G$NF0:n$r%W%m%;%9$rF0$+$9$3$H$G<B8=$7$F$$$^$9!#�(B
�$BFHN)$7$?!V%9%l%C%I!W$r%5%]!<%H$9$k%7%9%F%`$,B?$$$N$G$9$,!"�(BLinux �$B$G$O�(B
�$B%9%l%C%I$=$l$>$l$rJ#?t$N%W%m%;%9$H$7$FAv$i$;$F<B8=$7$F$$$k$h$&$G$9�(B(Linux
�$B%+!<%M%k$O:GE,2=$r$O$+$k$3$H$K$h$C$F!"%9%l%C%IJB$N<B9TB.EY$r2T$$$G$$$^$9�(B)�$B!#�(B
<P><B>�$BLuCp!'�(B</B>Linux �$B$N%9%l%C%I$O%f!<%6!&%l%Y%k$G$O$J$/!"%+!<%M%k!&%l%Y%k�(B
�$B$N%9%l%C%I$G!"%+!<%M%k$,%9%l%C%I$N@)8f$r9T$C$F$$$^$9!#�(Bfork() �$B$HF1$8$/�(B
�$B;R%W%m%;%9$r5/$3$7$^$9$,!"%3%s%F%-%9%H$N2?$r?F%W%m%;%9$H6&M-$G$-$k$+$r�(B
�$B;XDj$G$-$^$9!#�(B
<P>
<H3>�$B%W%m%;%9$,;}$C$F$$$kB0@-�(B</H3>
<P>�$B$=$l$>$l$N%W%m%;%9$O!"<!$N$h$&$J%;%-%e%j%F%#4XO"$NB0@-$r;}$C$F$$$^$9!#�(B
<UL>
<LI>ruid�$B!"�(Brgid - �$B<B%f!<%6�(B ID �$B$H�(B �$B<B%0%k!<%W�(B ID�$B$N$3$H$G!"%W%m%;%9�(B
�$B$r<B:]$KAv$i$;$F$$$k%f!<%6$rI=$9�(B</LI>
<LI>euid�$B!"�(Begid - �$B<B8z%f!<%6�(B ID �$B$H�(B �$B<B8z%0%k!<%W�(B ID�$B$N$3$H$G!"8"8B$N%A%'%C%/�(B
�$B$N$?$a$KMQ$$$k�(B(�$B%U%!%$%k%7%9%F%`$O=|$/�(B)</LI>
<LI>fsuid�$B!"�(Bfsgid - �$B%U%!%$%k%7%9%F%`$X$N%"%/%;%98"8B$r%A%'%C%/$9$k$?$a$K�(B
�$BMQ$$$k!#DL>o�(B euid�$B!"�(Begid �$B$HEy$7$$!#�(B
�$B$3$NB0@-$O�(B Linux �$BFH<+$G$"$k�(B</LI>
<LI>suid�$B!"�(Bsgid - �$BJ]B8%f!<%6�(B ID �$B$H�(B �$BJ]B8%0%k!<%W�(B ID�$B!#%Q!<%_%C%7%g%s$r!V%*%s!W�(B
�$B$b$7$/$O!V%*%U!W$K$9$k>l9g$K;HMQ$9$k!#>\$7$/$O8e=R$9$k�(B</LI>
<LI>groups - �$B%f!<%6$,B0$7$F$$$k%0%k!<%W�(B(GID)�$B$N%j%9%H�(B</LI>
<LI>umask - �$B?7$7$/%U%!%$%k$d%G%#%l%/%H%j$r:n$k>l9g$K!"$=$N%G%U%)%k%H$N%"%/�(B
�$B%;%9@)8B$r@_Dj$9$k$N$K;HMQ$5$l$k%S%C%HCM!#�(Bumask(2)�$B$r;2>H$N$3$H�(B</LI>
<LI>�$B%9%1%8%e!<%j%s%0$r@_Dj$9$k%Q%i%a%?�(B - �$B%W%m%;%9$O$=$l$>$l$N%9%1%8%e!<�(B
�$B%j%s%0J}?K$K$b$H$E$$$FF0$$$F$*$j!"%G%U%)%k%H$NJ}?K$O�(B SCHED_OTHER �$B$G$"$k!#�(B
SCHED_OTHER �$B$O%Q%i%a%?$H$7$F�(B nice �$BCM!"M%@hEY�(B(priority)�$B$H%+%&%s%?$r�(B
�$B;}$C$F$$$k!#>\:Y$O�(B sched_setscheduler(2)�$B$r;2>H$N$3$H�(B
<P><B>�$BLuCp!'�(B</B>�$B$3$3$G=R$Y$i$l$F$$$k!V%+%&%s%?!W$H$O!"%W%m%;%9$N<B9TMzNr�(B
�$B$r7WB,$9$k$?$a$KMQ$$$i$l$k%+%&%s%?$r0UL#$7$^$9!#�(B
<P>
</LI>
<LI>�$B%1%$%Q%S%j%F%#�(B - POSIX �$B$GDj5A$5$l$F$$$k%1%$%Q%S%j%F%#>pJs!#%;%-%e%j�(B
�$B%F%#4XO"$N5!G=$H$7$F!"<B8z!"7Q>5!"5v2D$N�(B 3 �$B<oN`$N5!G=$,$"$k!#>\$7$/$O�(B
�$B2<5-;2>H$N$3$H�(B</LI>
<LI>limit - �$B%W%m%;%9C10L$K$=$N%W%m%;%9$,;HMQ$G$-$k%j%=!<%9$r@)8B$9$k�(B
(�$B2<5-;2>H�(B) </LI>
<LI>�$B%U%!%$%k%7%9%F%`$N%k!<%H$N0LCV�(B - �$B%W%m%;%9$+$i8+$?%k!<%H!&%U%!%$%k%7%9�(B
�$B%F%`$N0LCV!#�(Bchroot(2)�$B;2>H$N$3$H�(B</LI>
<LI></LI>
</UL>
<P>�$BB0@-$H%W%m%;%9$,<B:]$I$N$h$&$K4XO"$7$F$$$k$N$+$rCN$j$?$1$l$P!"�(BLinux �$B$N�(B
�$B%=!<%9!&%3!<%I$r;2>H$7$F$/$@$5$$!#�(Binclude/linux/sched.h �$B$GDj5A$5$l$F$$$k�(B
�$B9=B$BN$N�(B task_struct �$B$,%-!<%]%$%s%H$G$9!#�(B
<H3>POSIX �$B%1%$%Q%S%j%F%#�(B</H3>
<P>Linux �$B%+!<%M%k�(B 2.2 �$B$N5!G=$H$7$F!V�(BPOSIX �$B%1%$%Q%S%j%F%#!W$,%5%]!<%H$5$l$F�(B
�$B$$$^$9!#�(B
POSIX �$B$N%1%$%Q%S%j%F%#$O!"DL>o�(B root �$B$,;}$C$F$$$k8"8B$r$$$/$D$+$KJ,3d$7$F!"�(B
�$BFH<+$K8"8B$NBN7O$r:F9=@.$7$F$$$^$9!#�(B
POSIX �$B%1%$%Q%S%j%F%#$O!"�(BIEEE(�$BJF9qEE5$EE;RDL?.3X2q�(B)�$BI8=`$N%I%i%U%H$GDj5A$5$l$F�(B
�$B$$$^$9!#$7$?$,$C$F�(B Linux �$B8GM-$N5!G=$G$O$"$j$^$;$s$,!"B>$N�(B UNIX �$B%i%$%/$J%7%9�(B
�$B%F%`$G9-$/:NMQ$5$l$F$$$k$o$1$G$O$"$j$^$;$s!#�(B
Linux �$B$N%I%-%e%a%s%H�(B(�$B$3$N%I%-%e%a%s%H$b4^$a�(B)�$B$NCf$G!"!V�(Broot �$B$N8"8B$,I,MW$G�(B
�$B$"$k!W$H=q$$$F$"$C$?>l9g!"!V%1%$%Q%S%j%F%#$,I,MW$G$"$k!W$H$[$\F1$80UL#$K�(B
�$B$J$k!"$H%1%$%Q%S%j%F%#$K$D$$$F$N%I%-%e%a%s%H$K=R$Y$i$l$F$$$^$9!#�(B
�$B8D!9$N%1%$%Q%S%j%F%#$K$D$$$FCN$j$?$$>l9g$O!"2<5-$N%1%$%Q%S%j%F%#$K4X$9$k�(B
�$B%I%-%e%a%s%H$rFI$s$G$/$@$5$$!#�(B
<P>�$B%U%!%$%k%7%9%F%`>e$K$"$k3F%U%!%$%kKh$K%1%$%Q%S%j%F%#$,E,MQ$5$l$k$3$H$,�(B
�$B:G=*E*$JL\I8$J$N$G$9$,!"$3$N%I%-%e%a%s%H$r=q$$$F$$$k;~E@$G$O$^$@%5%]!<%H�(B
�$B$5$l$F$$$^$;$s!#�(B
�$BE>Aw5!G=$KBP$9$k%1%$%Q%S%j%F%#$O%5%]!<%H$5$l$F$$$^$9$,!"%G%U%)%k%H$G$OL58z�(B
�$B$K$J$C$F$$$^$9!#�(B
�$B%+!<%M%k�(B 2.2.11 �$B$G$O%1%$%Q%S%j%F%#$r99$K?H6a$K;H$$$d$9$/$9$k$7$/$_$G$"$k�(B
�$B!V%1%$%Q%S%j%F%#!&%P%&%s%G%#%s%0!&%;%C%H�(B(capability bounding set)�$B!W$,<h$j�(B
�$BF~$l$i$l$^$7$?!#�(B
�$B$3$N$7$/$_$O!"%7%9%F%`>e$G2TF0$7$F$$$k$9$Y$F$N%W%m%;%9$,MxMQ$G$-$k%1%$%Q�(B
�$B%S%j%F%#$N%j%9%H$rMQ0U$7$^$9�(B(�$BFCJL$J�(B init �$B%W%m%;%9$@$1$,MxMQ$G$-$k%1%$%Q�(B
�$B%S%j%F%#$b$"$j$^$9�(B)�$B!#�(B
�$B$"$k%1%$%Q%S%j%F%#$,%j%9%H$K$J$$>l9g!"8"8B$,$I$&$G$"$l!"$I$N%W%m%;%9$b$=$N�(B
�$B%1%$%Q%S%j%F%#$rMxMQ$G$-$^$;$s!#�(B
�$B$3$N5!G=$r;H$C$F$$$kNc$H$7$F!"%+!<%M%k%b%8%e!<%k$NFI$_9~$_$rL58z$K$9$k>l9g�(B
�$B$,$"$2$i$l$^$9!#�(B
�$B$^$?$&$^$/$3$N5!G=$r3hMQ$7$F$$$k%D!<%k$H$7$F!"�(B
<A HREF="http://pweb.netcom.com/~spoon/lcap/">http://pweb.netcom.com/~spoon/lcap/</A> �$B$K$"$k�(B LCAP �$B$,$"$2$i$l$^$9!#�(B
<P><B>�$BLuCp!'�(B</B>LCAP �$B$O!"%+!<%M%k$,%5%]!<%H$7$F$$$k%1%$%Q%S%j%F%#$rL58z$K$9$k�(B
�$B$3$H$K$h$C$F!"%7%9%F%`$r$h$j0BA4$K$9$k$7$/$_$G$9!#�(B
<P>POSIX �$B%1%$%Q%S%j%F%#$N>\:Y$K$D$$$F$O!"�(B
<A HREF="ftp://linux.kernel.org/pub/linux/libs/security/linux-privs">ftp://linux.kernel.org/pub/linux/libs/security/linux-privs</A>
�$B$r;2>H$7$F$/$@$5$$!#�(B
<P><B>�$BLuCp!'�(B</B>�$B>e5-�(B ftp �$B%5!<%P!<$O�(B anonymous �$B%f!<%6$NMxMQ$rG'$a$F$$$^$;$s!#�(B
<A HREF="ftp://ftp.kernel.org/pub/linux/libs/security/linux-privs">ftp://ftp.kernel.org/pub/linux/libs/security/linux-privs</A>
�$B$rMxMQ$7$F$/$@$5$$!#�(B
<H3>�$B%W%m%;%9$N:n@.$H$=$NA`:n�(B</H3>
<P>�$B%W%m%;%9$O�(B fork(2)�$B$b$7$/$O�(B vfork(2)(�$B;HMQ$7$J$$J}$,$h$$�(B)�$B!"�(Bclone(2)(Linux �$BFH<+�(B)
�$B$r;H$C$F:n@.$7$^$9!#$3$l$i$N%7%9%F%`%3!<%k$9$Y$F$O!"4{B8$N%W%m%;%9$r�(B
�$B%3%T!<$7$F!"�(B2 �$B$D$N%W%m%;%9$r@8@.$7$^$9!#�(B
�$B%W%m%;%9$O�(B execve(2)�$B$d$=$N%U%m%s%H%(%s%I$r%3!<%k$7$F!"JL!9$N%W%m%0%i%`$r<B9T�(B
�$B$G$-$^$9�(B(�$B%U%m%s%H%(%s%I$H$7$F!"�(Bexec(3)�$B!"�(Bsystem(3)�$B!"�(Bpopen(3)�$B$r;2>H$7$F$/$@�(B
�$B$5$$�(B)�$B!#�(B
<P>�$B$"$k%W%m%0%i%`$r<B9T$9$k;~$K%U%!%$%k$K�(B setuid �$B%S%C%H$,N)$C$F$$$k$H!"�(B
�$B$=$N%W%m%;%9$N�(B euid �$B$K$O%U%!%$%k$N�(B uid �$B$,@_Dj$5$l$^$9!#�(B
setgid �$B$,N)$C$F$$$k$H�(B egid �$B$K%U%!%$%k$N�(B gid �$B$,@_Dj$5$l$^$9!#�(B
Linux �$B>e$G$O!"%7%'%k%9%/%j%W%H$N$h$&$J%9%/%j%W%HA4HL$KBP$7$F!"$3$N$h$&$J�(B
�$B%S%C%H$N@_Dj$O$5$l$J$$$3$H$rK:$l$J$$$G$/$@$5$$!#�(B
�$B$3$N$h$&$J$3$H$,%9%/%j%W%H$G@_Dj$G$-$F$7$^$&$H!"%;%-%e%j%F%#>eHs>o$K4m81$J�(B
�$B$3$H$K$J$k$+$i$G$9�(B(UNIX �$B%i%$%/$J%7%9%F%`$NCf$K$O�(B setuid �$B$5$l$F$$$k%9%/%j%W%H�(B
�$B$,F0$/$b$N$b$"$j$^$9�(B)�$B!#�(B
�$BNc30$H$7$F!"�(B Perl �$B$OFCJL$J@_Dj$r$[$I$3$9$H!"�(Bsetuid �$B$5$l$F$$$k�(B Perl �$B%9%/%j%W%H�(B
�$B$,<B9T$G$-$k$h$&$K$J$j$^$9!#�(B
<P>�$B>l9g$K$h$C$F!"%W%m%;%9$O$$$/$D$+$"$k�(B uid �$B$d�(B gid �$B$NCM$rJQ99$G$-$^$9!#�(B
setuid(2)�$B!"�(Bseteuid(2)�$B!"�(Bsetreuid(2)�$B!"�(Bsetfsuid(2)�$B$r;2>H$7$F$/$@$5$$!#�(B
�$BFC$K�(B suid �$B$N>l9g$O!"?.Mj$G$-$k%W%m%0%i%`$,0l;~E*$K$=$N�(B uid �$BCM$rJQ99$G$-$^$9!#�(B
ruid �$B$NJQ99$b$7$/$O�(B euid �$B$,�(B ruid �$B$H0[$J$kCM$K$7$?>l9g$O�(B suid �$B$K$O?7$7$$�(B euid
�$B$NCM$,@_Dj$5$l$^$9!#�(B
�$BFC8"$r$b$?$J$$%f!<%6$O!"<+J,$N�(B suid �$B$+$i<+J,$N�(B euid �$B$r!"�(Bruid �$B$+$i�(B euid �$B$r!"�(B
euid �$B$+$i�(B ruid �$B$r@_Dj$G$-$^$9!#�(B
<P>fsuid �$B%W%m%;%9B0@-$O!"�(BNFS �$B%5!<%P$N$h$&$J%W%m%0%i%`$N8"8B$r!";XDj$5$l$?�(B
�$B$$$/$D$+$N�(B UID �$B$N%U%!%$%k%7%9%F%`8"8B$K@)8B$G$-$k$h$&$K$9$k$?$a$N$b$N$G$9!#�(B
�$B$3$N:]!"$=$N�(B UID �$B$K$O%W%m%;%9$X%7%0%J%k$rAw$l$k5v2D$OM?$($^$;$s!#�(B
euid �$B$,JQ99$5$l$k$H�(B fsuid �$B$O?7$7$$�(B euid �$B$NCM$KJQ99$5$l$^$9!#�(Bfsuid �$B$O�(B
setfsuid(2)�$B$H$$$&�(B Linux �$B8GM-$N%7%9%F%`%3!<%k$r;H$C$F@_Dj$9$k$3$H$b$G$-$^$9!#�(B
root �$B0J30$+$i8F$S=P$5$l$?>l9g$O!"�(Bfsuid �$B$K$O8=:_$N�(B ruid �$BCM!"�(Beuid �$BCM!"�(Bseuid �$BCM!"�(B
�$B$"$k$$$O8=:_$N�(B fsuid �$BCM$7$+@_Dj$G$-$^$;$s!#�(B
<H2><A NAME="ss3.2">3.2 �$B%U%!%$%k%7%9%F%`�(B</A>
</H2>
<P>�$B%U%!%$%k%7%9%F%`$N9=@.MWAG�(B(FSO)�$B$O!"DL>o$N%U%!%$%k!"%G%#%l%/%H%j!"%7%s%\%j%C%/�(B
�$B%j%s%/!"L>A0IU$-%Q%$%W�(B(FIFO)�$B!"%=%1%C%H!"%-%c%i%/%?%9%Z%7%c%k�(B(�$B%G%P%$%9�(B)
�$B%U%!%$%k!"%V%m%C%/%9%Z%7%c%k�(B(�$B%G%P%$%9�(B)�$B%U%!%$%k$,$"$j$^$9�(B(find(1)�$B%3%^%s%I$K�(B
�$B$=$N0lMw$,$"$j$^$9�(B)�$B!#�(B
�$B$3$l$i$O%U%!%$%k%7%9%F%`$K$h$C$F@)8f$5$l!"%U%!%$%k%7%9%F%`$r9=@.$9$k%G%#%l�(B
�$B%/%H%j>e$G%^%&%s%H!?%"%s%^%&%s%H$7$FMxMQ$7$^$9!#�(B
�$B%U%!%$%k%7%9%F%`<+?H$O!"$3$l$i9=@.MWAG$H$OB?>/0[$J$k%"%/%;%9@)8B$NB0@-$r�(B
�$B;}$C$F$$$F!"%^%&%s%H;~$K%*%W%7%g%s$r@_Dj$9$k$3$H$K$h$C$F!"%"%/%;%9@)8B$r�(B
�$B$+$1$k$3$H$,2DG=$G$9!#�(B
<P>
<H3>�$B%U%!%$%k%7%9%F%`$N9=@.MWAG$NB0@-�(B</H3>
<P>�$B:#$N$H$3$m�(B Linux �$B$G$O�(B ext2 �$B$,:G$b0lHLE*$J%U%!%$%k%7%9%F%`$G$9!#%U%!%$%k%7%9�(B
�$B%F%`$N9=@.MWAG$,;}$C$F$$$kB0@-$O2<5-$NDL$j$G$9!#�(B
<UL>
<LI>�$B=jM-�(B uid �$B$H�(B gid - �$B$3$l$r;H$C$F!"9=@.MWAG$N!V=jM-<T!W$r<1JL$G$-$k!#�(B
�$BFCJL$J@_Dj$r$7$J$1$l$P!"IaDL=jM-<T$b$7$/$O�(B root �$B$@$1$,%"%/%;%9@)8B$K�(B
�$B4X$9$kB0@-$rJQ99$G$-$k�(B</LI>
<LI>�$B%f!<%6�(B(�$B=jM-<T�(B)�$B!"%0%k!<%W$=$l0J30Kh$K!"FI$_9~$_!?=q$-9~$_!?<B9T$N8"8B�(B
�$B$rI=$9%S%C%H$,$"$k!#�(B
�$BDL>o$N%U%!%$%k$N>l9g$O!"FI$_!?=q$-!?<B9T$H$$$&J8;zDL$j$N0UL#$r;}$D!#�(B
�$B%G%#%l%/%H%j$N>l9g$O!"!VFI$_9~$_!W%Q!<%_%C%7%g%s$O$=$N%G%#%l%/%H%j$NCf$r�(B
�$B8+$i$l$k$3$H0UL#$7!"!V<B9T!W%Q!<%_%C%7%g%s$O!"JLL>!V8!:w!W%Q!<%_%C%7%g%s�(B
�$B$H$b8@$o$l!"<B:]$K$=$N%G%#%l%/%H%j$KF~$C$F!"$=$3$K$"$k$b$N$r;HMQ$9$k$3$H�(B
�$B$,$G$-$k!#�(B
�$B!V=q$-9~$_!W%Q!<%_%C%7%g%s$O$=$N%G%#%l%/%H%j$G%U%!%$%k$NDI2C!":o=|!"JQ99�(B
�$B$,$G$-$k!#DI2C$@$1$r5v2D$5$;$?$$>l9g$O!"2<5-$K@bL@$9$k�(B sticky �$B%S%C%H$r�(B
�$BN)$F$k$3$H!#�(B
�$B%7%s%\%j%C%/%j%s%/$N%Q!<%_%C%7%g%s$O0UL#$r;}$?$J$$$3$H$KCm0U$9$k$3$H!#�(B
�$B0UL#$r;}$D$N$O!"%7%s%\%j%C%/%j%s%/$r4^$`%G%#%l%/%H%j$H%j%s%/@h$N%U%!%$%k�(B
�$B$NCM$@$1$G$"$k�(B</LI>
<LI>�$B!V�(Bsticky �$B%S%C%H!W�(B - �$B%G%#%l%/%H%j$K@_Dj$5$l$k$H!":o=|$d0\F0$O�(B root�$B!"�(B
�$B%U%!%$%k$N=jM-<T!"$b$7$/$O%G%#%l%/%H%j$N=jM-<T$7$+9T$($J$/$J$k!#�(B
�$B$3$l$O�(B UNIX �$B0lHL$GMxMQ$5$l$F$$$k3HD%5!G=$@$,!"$=$NB>$N%*%Z%l!<%F%#%s%0�(B
�$B%7%9%F%`$G$O0lHLE*$G$O$J$$!#�(B
sticky �$B%S%C%H$O!"DL>o$N%U%!%$%k$KBP$7$F$O2?$N1F6A$bM?$($J$$!#$^$?0lHL�(B
�$B%f!<%6$G$b@_Dj$,$G$-$k!#�(B
�$B8E$$%P!<%8%g%s$N�(B UNIX �$B$G$O!V�(Bsave program text�$B!W%S%C%H$H8F$P$l!"%a%b%j�(B
�$B$K>oCs$9$k�(B(�$B%9%o%C%W%"%&%H$7$J$$�(B)�$B<B9T7A<0%U%!%$%k$G$"$k$3$H$r<($7$F$$$?$,!"�(B
Linux �$B$,2>A[%a%b%j4IM}$r<BAu$9$k$K$$$?$C$F!"$9$?$l$F$7$^$C$?�(B</LI>
<LI>setuid�$B!"�(Bsetgid - �$B<B9T7A<0%U%!%$%k$K@_Dj$5$l$k$H!"<B8z�(B uid �$B$H�(B gid �$B$K�(B
�$B$=$N%U%!%$%k$N=jM-<T�(B ID �$B$H�(B gid �$B$,@_Dj$5$l$k�(B(�$B3F!9FHN)$K�(B)�$B!#�(B
�$B$3$N5!G=$O$9$Y$F$N�(B UNIX �$B%i%$%/$J%7%9%F%`$,%5%]!<%H$7$F$$$k!#�(B
setgid �$B$,%G%#%l%/%H%j$K@_Dj$5$l$k$H!"$=$N%G%#%l%/%H%j$K:n@.$5$l$k%U%!%$%k�(B
�$B$O<+F0E*$K$=$N%G%#%l%/%H%j$N�(B gid �$BCM$K@_Dj$7D>$5$l$k!#�(B
setgid �$B$,<B9T8"$r$^$C$?$/;}$?$J$$%U%!%$%k$K@_Dj$5$l$k$H!"$=$N%U%!%$%k$,�(B
�$B%"%/%;%9$5$l$F$$$k;~$K!"6/@)%m%C%/�(B(mandatory locking)�$B$,$=$N%U%!%$%k$K�(B
�$B$+$+$k$3$H$r<($9�(B(�$B$?$@$7!"%^%&%s%H$7$F$$$k%U%!%$%k%7%9%F%`$,6/@)%m%C%/$r�(B
�$B%5%]!<%H$7$F$$$l$P�(B)�$B!#$3$N$7$/$_$OIi2Y$,Hs>o$K=E$/!"�(BUNIX �$B%i%$%/$J%7%9%F%`$G�(B
�$B9-$/:NMQ$5$l$F$O$$$J$$�(B
<P><B>�$BLuCp!'�(B</B>�$B%U%!%$%k$N%m%C%/5!G=$K$O!"6/@)%m%C%/�(B(mandatory locking)�$B$H�(B
�$B%"%I%P%$%6%j!&%m%C%/�(B(advisory locking)�$B$,$"$j$^$9!#0c$$$O!"A0<T$,�(B
�$B%+!<%M%k$,%W%m%;%9$r4F;k$7%m%C%/A`:n$r9T$&$N$G!"%W%m%;%94V$N0MB8�(B
�$B4X78$r1[$($F%m%C%/$,2DG=$G$9!#�(B
�$B$3$l$KBP$7$F8e<T$O!"%W%m%;%9<+?H$,%m%C%/A`:n$r9T$&$N$G!"$=$N�(B
�$B%W%m%;%9$N@)8f30$N$b$N$KBP$7$F$O%m%C%/$,L58z$H$J$j$^$9!#�(B
�$B>\$7$/$O!"%+!<%M%kIUB0$N%I%-%e%a%s%H$N�(B
<A HREF="file:///usr/src/linux/Documentation/mandatory.txt">mandatory.txt</A> �$B$r;2>H$7$F$/$@$5$$!#�(B
<P>
</LI>
<LI>�$B%?%$%`%9%?%s%W�(B - �$B%U%!%$%k%7%9%F%`$N9=@.MWAG$K$O!"%"%/%;%9$7$?;~4V�(B
�$B$b$7$/$O=$@5$r$+$1$?;~4V$,J]B8$5$l$F$$$k!#$7$+$7=jM-<T$O<+M3$K$3$l$i�(B
�$B$NCM$rJQ99$G$-$k$N$G�(B(touch(1)�$B$r;2>H�(B)�$B!"$3$N>pJs$r0B0W$K?.Mj$7$J$$$3$H!#�(B
�$B$3$N$7$/$_$O!"$9$Y$F$N�(B UNIX �$B%i%$%/$N%7%9%F%`$G%5%]!<%H$5$l$F$$$k�(B</LI>
<LI>�$BJQ99IT2D�(B(immutable)�$B%S%C%H�(B - �$B%U%!%$%k%7%9%F%`$N9=@.MWAG$KBP$7$F$$$+$J$k�(B
�$BJQ99$bG'$a$J$$!#�(B
�$B$3$l$O!"�(Broot �$B$@$1$,@_Dj$H2r=|$,$G$-$k!#�(B
�$B$3$N$7$/$_$O!"�(Bext2 �$B%U%!%$%k%7%9%F%`$@$1$,%5%]!<%H$7$F$*$j!"$9$Y$F$N�(B UNIX
�$B%7%9%F%`�(B(�$B>l9g$K$h$C$F$O�(B Linux �$B%7%9%F%`$G$b�(B)�$B$GMxMQ$G$-$k$o$1$G$O$J$$�(B</LI>
<LI>�$BDI2C8BDj�(B(append-only bit)�$B%S%C%H�(B - �$B%U%!%$%k%7%9%F%`$X$NDI2C$@$1$,5v2D�(B
�$B$5$l$k!#�(B
�$B$3$l$O!"�(Broot �$B$@$1$,@_Dj$H2r=|$,$G$-$k!#�(B
�$B$3$N$7$/$_$O!"�(Bext2 �$B%U%!%$%k%7%9%F%`$@$1$,%5%]!<%H$7$F$*$j!"$9$Y$F$N�(B UNIX
�$B%7%9%F%`�(B(�$B>l9g$K$h$C$F$O�(B Linux �$B%7%9%F%`$G$b�(B)�$B$GMxMQ$G$-$k$o$1$G$O$J$$�(B</LI>
</UL>
<P>�$B>e5-$NCM$NB?$/$O!"%^%&%s%H;~$KE,MQ$5$l$^$9!#$7$?$,$C$F!"$"$k%S%C%HCM$,$9$G$K�(B
�$BCM�(B(�$BG^BN>e$NCM$,2?$G$"$l�(B)�$B$r;}$C$F$$$?$+$N$h$&$K07$o$l$k>l9g$b$"$j$^$9!#�(B
�$B>\$7$$$3$H$O�(B mount(1)�$B$r;2>H$7$F$/$@$5$$!#�(B
�$B%U%!%$%k%7%9%F%`$bCf$K$O$3$l$i$N%"%/%;%9@)8fCM$N$$$/$D$+$r%5%]!<%H$7$F$$$J$$�(B
�$B>l9g$,$"$j$^$9$N$G!"$/$I$$$h$&$G$9$,�(B mount(1)�$B$r8+$F!"%U%!%$%k%7%9%F%`$,2?$r�(B
�$B%5%]!<%H$7$F$$$k$N$+$r3NG'$7$F$/$@$5$$!#�(B
<P>�$B%"%/%;%9@)8f%j%9%H�(B(ACL�$B!"�(Baccess control list)�$B$H�(B POSIX �$B%1%$%Q%S%j%F%#$NCM$r�(B
�$B%U%!%$%k%7%9%F%`$X<BAu$9$k:n6H$,B3$1$i$l$F$$$^$9$,!"I8=`$N�(B Linux 2.2 �$B$K$O�(B
�$B$^$@F~$C$F$$$^$;$s!#�(B
<P><B>�$BLuCp!'�(B</B>ACL �$B$O=>Mh$N=jM-<T!"%0%k!<%WEy$K$h$k%U%!%$%k$X$N%"%/%;%9�(B
�$B@)8fJ}K!$K$+$o$C$F99$K:Y$+$J@)8f$r2DG=$H$9$k$7$/$_$G$9!#%M%C%H%o!<%/>e�(B
�$B$N%5!<%P!<$KBP$9$k%"%/%;%9@)8B$K$D$$$F$b$3$NMQ8l$,;HMQ$5$l$F$$$^$9�(B
(RFC 1983)�$B!#�(B
<P>
<H3>�$B:n@.;~$N=i4|CM�(B</H3>
<P>�$B:n@.$9$k;~$K$O<!$N%k!<%k$,E,MQ$5$l$^$9!#�(B
�$B$"$k%U%!%$%k%7%9%F%`$N9=@.MWAG�(B(FSO)�$B$,:n$i$l$k$H�(B(�$B$?$H$($P�(B creat(2)�$B$r;H$C$F�(B)�$B!"�(B
FSO �$B$N�(B uid �$B$O%W%m%;%9$N�(B fsuid �$B$K@_Dj$5$l$^$9!#IaDL!"�(BFSO �$B$N�(B gid �$B$O%W%m%;%9$N�(B
fsuid �$B$,@_Dj$5$l$^$9$,!"%G%#%l%/%H%j$K�(B setgid �$B%S%C%H$,N)$C$F$$$?$j!"%U%!%$%k�(B
�$B%7%9%F%`$N!V�(Bgrpid�$B!W$,@_Dj$7$F$"$C$?$j$9$k$H�(B FSO �$B$N�(B gid �$B$K$O!"%G%#%l%/%H%j$N�(B
gid �$B$,@_Dj$5$l$^$9!#�(B
�$B$3$NFC<l$J%1!<%9$rMxMQ$9$k$3$H$K$h$C$F!"$$$o$f$k!V%W%m%8%'%/%H!W$N$?$a$N�(B
�$B%G%#%l%/%H%j$r:n$k$3$H$,$G$-$^$9!#!V%W%m%8%'%/%HMQ!W$N%G%#%l%/%H%j$r:n$k�(B
�$B$K$O<!$N$h$&$K$7$^$9!#$^$:%W%m%8%'%/%HMQ$K@lMQ$N%0%k!<%W$r:n$j$^$9!#$=$l$+$i�(B
�$B$=$N%0%k!<%W$,=jM-<T$G$"$k%W%m%8%'%/%HMQ$N%G%#%l%/%H%j$r:n@.$7!"�(Bsetgid
�$B$7$^$9!#$3$&$9$k$H!"2?$+%U%!%$%k$r$=$3$N%G%#%l%/%H%j$KCV$/$H!"<+F0E*$K$=$N�(B
�$B%W%m%8%'%/%H$,=jM-<T$H$J$j$^$9!#�(B
�$BF1MM$K!"?7$7$$%5%V%G%#%l%/%H%j$r�(B setgid �$B%S%C%H$rN)$F$?%G%#%l%/%H%j$NG[2<$K�(B
�$B:n@.$9$k$H�(B(�$B%U%!%$%k%7%9%F%`$N�(B grpid �$B$b@_Dj$5$l$F$$$J$$�(B)�$B!"?7$7$$%G%#%l%/%H%j�(B
�$B$b�(B setgid �$B%S%C%H$,N)$F$i$l$^$9�(B(�$B$7$?$,$C$F%W%m%8%'%/%H$N%5%V%G%#%l%/%H%j$O!"�(B
�$B!V4|BTDL$j$N@5$7$$F0:n!W$r$7$^$9!#$=$NB>$N%1!<%9$O!"?7$7$$%U%!%$%k$K�(B
setgid �$B$O$+$1$i$l$F$$$^$;$s!#4pK\$H$J$k�(B FSO �$B$N%"%/%;%9@)8B�(B(�$BFI$_9~$_!"�(B
�$B=q$-9~$_!"<B9T�(B)�$B$O!"�(B(�$BMW5a$5$l$?CM$K�(B umask �$BCM$r�(B &(�$B%S%C%HH?E>�(B)
~(�$BO@M}@Q�(B))�$B$7$F5a$a$i$l$^$9!#�(B
�$B%U%!%$%k$,?75,$K:n@.$5$l$?>uBV$G$O!">o$K�(B sticky �$B%S%C%H$b�(B setuid �$B%S%C%H$b�(B
�$B%/%j%"$5$l$F$$$^$9!#�(B
<H3>�$B%"%/%;%9@)8f$NB0@-$rJQ99$9$k�(B</H3>
<P>�$B%"%/%;%9@)8f$NB0@-$NBgItJ,$O!"�(Bchmod(2)�$B$+�(B chmod(1)�$B$G@_Dj$G$-$^$9$,!"�(Bchown(1)�$B!"�(B
chgrp(1)�$B!"�(Bchattr(1)�$B$b;2>H$7$F$/$@$5$$!#�(B
<P>�$BCm0U$7$FM_$7$$$3$H$,$"$j$^$9!#$=$l$O�(B Linux �$B$G$O�(B root �$B$@$1$,%U%!%$%k$N=jM-<T�(B
�$B$rJQ99$9$k$3$H$,$G$-$k$H$$$&$3$H$G$9!#�(B
UNIX �$B%i%$%/$J%7%9%F%`$NCf$K$O!"0lHL%f!<%6$b=jM-<T$NJQ99$,9T$($k$b$N$,$"$j�(B
�$B$^$9$,!"$3$l$OLq2p;v$r0z$-5/$3$7$^$9!#$?$H$($P%G%#%9%/;HMQNL$r@)8B$7$h$&$H�(B
�$B$7$?$H$7$^$9!#$=$N;~!"0lHL%f!<%6$K=jM-<T$NJQ99$r5v$7$F$$$k$H!"%f!<%6$NC/$+$,�(B
�$B<+J,$NBg$-$J%U%!%$%k$rB>?M$N=jM-$KJQ99$7$F!"$=$N?M$r!VHo32<T!W$K$7$?$F$F$7$^�(B
�$B$($^$9!#�(B
<H3>�$B%"%/%;%9@)8f$NB0@-$r;H$&$K$O�(B</H3>
<P>Linux �$B$H�(B UNIX �$B%i%$%/$J%7%9%F%`$N$[$H$s$I$G!"FI$_9~$_$d=q$-9~$_$NB0@-�(B
�$B$NCM$O%U%!%$%k$,%*!<%W%s$5$l$?;~$K$@$1%A%'%C%/$5$l$^$9!#FI$_=q$-$9$kEY�(B
�$B$K%A%'%C%/$5$l$k$o$1$G$O$"$j$^$;$s!#%7%9%F%`!&%3!<%k$NBgB??t$,!"$3$l$i$N�(B
�$BB0@-$rMxMQ$7$F$$$^$9!#$H$$$&$N$b!"%U%!%$%k%7%9%F%`$H$$$&$b$N$,�(B Linux
�$B$NCf?u$r$J$7$F$$$k$+$i$G$9!#�(B
�$B$3$l$i$N%7%9%F%`!&%3!<%k$K$O!"�(Bopen(2)�$B!"�(Bcreat(2)�$B!"�(Blink(2)�$B!"�(Bunlink(2)�$B!"�(B
rename(2)�$B!"�(B mknod(2)�$B!"�(Bsymlink(2)�$B!"�(Bsocket(2)�$BEy$,$"$j$^$9!#�(B
<P>
<H3>�$B%U%!%$%k%7%9%F%`$N3,AX�(B</H3>
<P>�$BD9G/$N47Nc$G!"!V2?$N%U%!%$%k$O$I$3$KCV$/!W$H$$$&LsB+;v$,$G$-$F$$$^$9!#�(B
�$B$-$^$j$r<i$C$F!"%G%#%l%/%H%j3,AX$NCf$K>pJs$r3JG<$7$F$/$@$5$$!#�(B
�$B35N,$K$D$$$F$O!"�(Bhier(5)�$B$r;2>H$7$F$/$@$5$$!#�(B
�$B$5$i$K>\$7$/CN$j$?$1$l$P!"�(BFilesystem Hierarchy Standard (FHS)
<A HREF="http://www.pathname.com/fhs">http://www.pathname.com/fhs</A> �$B$r8+$F$/$@$5$$!#�(BFHS �$B$O=>Mh$N�(B
Filesystem Structure standard (FSSTND)�$B$r?7$?$K=q$-49$($?$b$N$G$9!#�(B
<H2><A NAME="ss3.3">3.3 System V IPC</A>
</H2>
<P>Linux �$B$O�(B System V �$BM3Mh$N�(B IPC �$B$G$"$k!"%a%C%;!<%8!&%-%e!<!"%;%^%U%)!"6&M-%a%b%j�(B
�$B$r%5%]!<%H$7$F$$$^$9!#�(B
�$B$=$l$>$l$N%5!<%S%9$O!"2<5-$NB0@-$r;}$C$F$$$^$9!#�(B
<UL>
<LI>�$B:n@.<T$d:n@.<T$,B0$9$k%0%k!<%W!"$=$l0J30$N<T$NFI$_=q$-$N%Q!<%_%C%7%g%s�(B</LI>
<LI>�$B:n@.<T�(B uid �$B$H�(B gid - IPC �$B%*%V%8%'%/%H:n@.<T$N�(B uid �$B$H�(B gid</LI>
<LI>�$B=jM-<T�(B uid �$B$H�(B gid - IPC �$B%*%V%8%'%/%H=jM-<T$N�(B uid �$B$H�(B gid(�$B=i4|>uBV$G$O�(B
IPC �$B%*%V%8%'%/%H:n@.<T$N�(B uid �$B$HF1$8�(B)</LI>
</UL>
<P>�$B2<5-$N%k!<%k$K$b$H$E$$$F�(B IPC �$B%*%V%8%'%/%H%"%/%;%9$7$^$9!#�(B
<UL>
<LI>�$B%W%m%;%9$,�(B root �$B$N8"8B$r;}$C$F$$$l$P!"%"%/%;%9$,5v2D$5$l$k�(B</LI>
<LI>�$B%W%m%;%9$N�(B euid �$B$,=jM-<T$b$7$/$O:n@.<T$N�(B uid �$B$HF1$8$J$i$P!":n@.<T$N�(B
�$B%Q!<%_%C%7%g%s$r8+$F!"LdBj$J$1$l$P%"%/%;%9$,5v2D$5$l$k�(B</LI>
<LI>�$B%W%m%;%9$N�(B euid �$B$,=jM-<T$b$7$/$O:n@.<T$N�(B gid �$B$HF1$8!"$b$7$/$O%W%m%;%9�(B
�$B$NB0$9$k%0%k!<%W$NCf$K=jM-<T$b$7$/$O:n@.<T$N�(B gid �$B$HF1$8$b$N$,$"$l$P!":n@.<T�(B
�$B$N%Q!<%_%C%7%g%s$r8+$F!"LdBj$J$1$l$P%"%/%;%9$,5v2D$5$l$k�(B</LI>
<LI>�$B$=$NB>$N>l9g$O!V$=$NB>$N%f!<%6!W$N%Q!<%_%C%7%g%s$r%A%'%C%/$9$k�(B</LI>
</UL>
<P>root �$B$b$7$/$O�(B �$B=jM-<T$d:n@.<T$N�(B euid �$B$r;}$D%W%m%;%9$O!"=jM-<T$N�(B uid �$B$d�(B gid �$B$r�(B
�$B@_Dj$G$-!"$^$?:o=|$b2DG=$G$"$k$3$H$rK:$l$J$$$G$/$@$5$$!#>\$7$/$O�(B ipc(5)�$B$r�(B
�$B;2>H$7$F$/$@$5$$!#�(B
<H2><A NAME="ss3.4">3.4 �$B%=%1%C%H$H%M%C%H%o!<%/@\B3�(B</A>
</H2>
<P>�$B%=%1%C%H$O!">pJs$rEA$($k<jCJ$H$7$FFC$K%M%C%H%o!<%/1[$7$NDL?.$K;HMQ$5$l$F�(B
�$B$$$^$9!#�(B
socket(2)�$B$O>pJs$rEA$($k$?$a$N@\B3%]%$%s%H$r:n@.$7!"$=$l$rI=$o$9%G%#%9%/%j%W%?�(B
�$B$rJV$7$^$9!#$5$i$K>\$7$$$3$H$O!"�(Bsocket(2)�$B$d$=$3$+$iAj8_$K;2>H$G$-$k4XO">pJs$r�(B
�$B8+$F$/$@$5$$!#�(B
Linux �$B$N>l9g!"�(BTCP �$B$d�(B UDP �$B$G�(B 1024 �$B0J2<$N%m!<%+%k$J%]!<%H$K@\B3$9$k$K$O!"�(Broot
�$B$N8"8B$,I,MW$G$"$k$3$H$r3P$($F$*$$$F$/$@$5$$!#�(B
(�$B%j%b!<%H$K$"$k�(B 1024 �$B0J2<$N%]!<%H$X$N@\B3$K$D$$$F$O!"FCJL$J8"8B$OI,MW$"$j$^�(B
�$B$;$s�(B)�$B!#�(B
<H2><A NAME="ss3.5">3.5 quota �$B$H%j%=!<%9$N@)8B�(B</A>
</H2>
<P>Linux �$B$K$O!"%U%!%$%k%7%9%F%`$N3d$jEv$F@)8B�(B(quota)�$B$H%W%m%;%9$N%j%=!<%9@)8B�(B
�$B$r9T$J$&5!G=$,$"$j$^$9!#�(B
�$B$3$N5!G=$K$O!"!V%O!<%I$J@)8B!W�(B(hard limit)�$B$H!V%=%U%H$J@)8B!W�(B(soft limit)�$BN>J}�(B
�$B$N0UL#$,$"$j!"B?>/0UL#$,0[$J$k$N$G!"Cm0U$,I,MW$G$9!#�(B
<P>�$B5-21AuCV�(B(�$B%U%!%$%k%7%9%F%`�(B)�$B$N3d$jEv$F@)8B$O!"%^%&%s%H%]%$%s%HKh$K@_Dj$,2DG=$G!"�(B
�$BFCDj$N%f!<%6$d%0%k!<%W$,$=$3$G;HMQ$G$-$k%V%m%C%/?t$d%U%!%$%k?t�(B(inode�$B?t�(B)�$B$K�(B
�$B@)8B$r$+$1$i$l$^$9!#�(B
�$B!V%O!<%I$J!W$b$N$,@)8B$r1[$($k$3$H$,$G$-$J$$$N$KBP$7$F!"!V%=%U%H$J!W$b$N$O�(B
�$B0l;~E*$K@)8B$r1[$($k$3$H$,5v$5$l$F$$$^$9!#�(B
quota(1)�$B!"�(Bquotactl(2)�$B!"�(Bquotaon(8)�$B$r;2>H$7$F$/$@$5$$!#�(B
<P>rlimit �$B$O!"%W%m%;%9$KBP$9$k?t!9$N3d$jEv$F@)8B$r<B8=$9$k$7$/$_$G!"%U%!%$%k�(B
�$B%5%$%:!";R%W%m%;%9?t!"%*!<%W%s$G$-$k%U%!%$%k?t$J$I$r07$($^$9!#!V%=%U%H$J!W�(B
�$B@)8B�(B(�$B8=>u$N@)8B�(B(current limit)�$B$H$b8@$&�(B)�$B$H!V%O!<%I$J@)8B!W�(B
(�$B>e8B�(B(upper limit)�$B$H$b8@$&�(B)�$B$,$"$j$^$9!#�(B
�$B%=%U%H$J@)8B$rD6$($k$3$H$O7h$7$F$G$-$^$;$s$,!"%7%9%F%`%3!<%k$K$h$C$F%O!<%I�(B
�$B$J@)8B$N>e8B$^$G$"$2$k$3$H$,$G$-$^$9!#�(B
getrlimit()�$B!"�(Bsetrlimit()�$B!"�(Bgetrusage()�$B$r;2>H$7$F$/$@$5$$!#�(B
<H2><A NAME="ss3.6">3.6 Audit(�$B4F::�(B)</A>
</H2>
<P>�$B8=:_$b$C$H$b0lHLE*$J!V4F::!W$N$7$/$_$O!"�(Bsyslogd(8)�$B$G$9!#�(B
wtmp(5)�$B!"�(Butmp(5)�$B!"�(Blastlog(8)�$B!"�(Bacct(2)�$B$b;2>H$9$k$3$H$r$*4+$a$7$^$9!#�(B
�$B%5!<%P!<!&%W%m%0%i%`�(B(Apache Web �$B%5!<%P!<$N$h$&$J$b$N�(B)�$B$NCf$K$O!"FH<+$K:/@W$r4F::�(B
�$B$9$k$7$/$_$r;}$C$F$$$k$b$N$b$"$j$^$9!#�(B
<H2><A NAME="ss3.7">3.7 PAM</A>
</H2>
<P>�$BG'>Z$,I,MW$J;~$K�(B Linux �$B%7%9%F%`$NBgItJ,$O�(B Pluggable Authentication Modules
(PAM: �$B:9$7BX$(2DG=$JG'>Z%b%8%e!<%k�(B)�$B$r;HMQ$7$^$9!#$3$N$7$/$_$r;H$&$H!"G'>Z�(B
�$BJ}K!$N9=@.$rJQ99$G$-$k$h$&$K$J$j$^$9�(B(�$B$?$H$($P%Q%9%o!<%I$d%9%^!<%H%+!<%IEy�(B
�$B$N;HMQ�(B)�$B!#�(B
PAM �$B$K$D$$$F$O!"8e$G$5$i$KO@$8$^$9!#�(B
<P><B>�$BLuCp!'�(B</B>�$B%9%^!<%H%+!<%I�(B(smart card)�$B$H$O!"%W%i%9%F%#%C%/$N%+!<%I>e$K�(B
IC �$B$d%a%b%j$J$I$N%A%C%W$r:\$;$?%+!<%I$r;X$7$^$9!#F|K\$G$O�(B IC �$B%+!<%I$H�(B
�$B8F$V%1!<%9$,B?$$$h$&$G$9!#�(B
�$B=>Mh$N<'5$%+!<%I$HHf$Y$k$H!"$h$jB?$/$N>pJs$r3JG<$G$-$k$@$1$G$O$J$/!"�(B
�$B%W%m%0%i%`$r%$%s%9%H!<%k$7$F<B9T$9$k$3$H$,2DG=$G$"$kE@$,Bg$-$/0[$J$j�(B
�$B$^$9!#�(B
<P>
<HR>
<A HREF="Secure-Programs-HOWTO-4.html">�$B<!$N%Z!<%8�(B</A>
<A HREF="Secure-Programs-HOWTO-2.html">�$BA0$N%Z!<%8�(B</A>
<A HREF="Secure-Programs-HOWTO.html#toc3">�$BL\<!$X�(B</A>
</BODY>
</HTML>
