💻
Application Security Cheat Sheet
  • Application Security Cheat Sheet
  • Android Application
    • Overview
      • Application Data & Files
      • Application Package
      • Application Sandbox
      • Application Signing
      • Deployment
      • Package Manager
    • Intent Vulnerabilities
      • Deep Linking Vulnerabilities
    • WebView Vulnerabilities
      • WebResourceResponse Vulnerabilities
      • WebSettings Vulnerabilities
  • CI/CD
    • Dependency
      • Dependency Confusion
      • Dependency Hijaking
      • Typosquatting
    • GitHub
      • GitHub Actions
      • Code owners
      • Dependabot
      • Redirect
      • Releases
  • Cloud
    • AWS
      • Amazon API Gateway
      • Amazon Cognito
      • Amazon S3
  • Container
    • Overview
      • Container Basics
      • Docker Engine
    • Escaping
      • CVE List
      • Exposed Docker Socket
      • Excessive Capabilities
      • Host Networking Driver
      • PID Namespace Sharing
      • Sensitive Mounts
    • Container Analysis Tools
  • Framework
    • Spring
      • Overview
      • Mass Assignment
      • Routing Abuse
      • SpEL Injection
      • Spring Boot Actuators
      • Spring Data Redis Insecure Deserialization
      • Spring View Manipulation
    • React
      • Overview
      • Security Issues
  • Linux
    • Overview
      • Philosophy
      • File
      • File Descriptor
      • I/O Redirection
      • Process
      • Inter Process Communication
      • Shell
      • Signals
      • Socket
      • User Space vs Kernel Space
    • Bash Tips
  • iOS Application
    • Overview
      • Application Data & Files
      • Application Package
      • Application Sandbox
      • Application Signing
      • Deployment
    • Getting Started
      • IPA Patching
      • Source Code Patching
      • Testing with Objection
  • Resources
    • Lists
      • Payloads
      • Wordlists
    • Researching
      • Web Application
      • Write-ups
    • Software
      • AWS Tools
      • Azure Tools
      • Component Analysis
      • Docker Analysis
      • Dynamic Analysis
      • Fuzzing
      • GCP Tools
      • Reverse Engineering
      • Static Analysis
      • Vulnerability Scanning
    • Training
      • Secure Development
  • Web Application
    • Abusing HTTP hop-by-hop Request Headers
    • Broken Authentication
      • Two-Factor Authentication Vulnerabilities
    • Command Injection
      • Argument Injection
    • Content Security Policy
    • Cookie Security
      • Cookie Bomb
      • Cookie Jar Overflow
      • Cookie Tossing
    • CORS Misconfiguration
    • File Upload Vulnerabilities
    • GraphQL Vulnerabilities
    • HTML Injection
      • base
      • iframe
      • link
      • meta
      • target attribute
    • HTTP Header Security
    • HTTP Request Smuggling
    • Improper Rate Limits
    • JavaScript Prototype Pollution
    • JSON Web Token Vulnerabilities
    • OAuth 2.0 Vulnerabilities
      • OpenID Connect Vulnerabilities
    • Race Condition
    • Server Side Request Forgery
      • Post Exploitation
    • SVG Abuse
    • Weak Random Generation
    • Web Cache Poisoning
Powered by GitBook
On this page
  • Attributes
  • Lifecycle
  • References
  1. Linux
  2. Overview

Process

PreviousI/O RedirectionNextInter Process Communication

Last updated 3 years ago

There are three components to remember about a process:

  • Program file - the code and data

  • Process image - this stores the stack, variables currently defined, data, address space, and ; when it is time to run, the OS knows exactly how to recreate the process using this image

  • Process - the running program in memory

When a process starts running, it inherits the user-id and group-id from the parent process. This information controls the level of access to the process. You can use or to enable a process to inherit the file owner permissions.

Attributes

Each process has the following attributes:

  • Unique identifier called process-id or pid

  • Link to the parent process that spawned it

There is a special root parent process called init, it usually has pid 1. The ppid of init is 0 (which conventionally means it has no parent). The pid 0 corresponds to the kernel scheduler, which is not a user process.

Lifecycle

There is a common pattern in UNIX on how processes work:

This cycle repeats for every process spawned.

There are a few things that might go wrong here:

  • What if the parent does not call wait()? This results in a zombie process - which is a resource leak, since the OS can not clean up processes before their exit code has been consumed by the parent

  • What if the parent dies before the child process? This results in an orphan process; an orphan process is adopted by the init process (the special root parent), which then waits on the child process to finish

References

systemd is now replacing init on Linux, it solves a few problems with init and overall more stable, read more

A new child process is created by cloning the existing parent process

This new child process calls to replace the parent process running in the child with the process the child wants to run

The child process calls to terminate itself; it only passes an exit code out; 0 means success, everything else is an error code

The parent process needs to call the system call to get access to this exit code

How can the parent get access to additional information from the child? This is not possible with exit codes. However, there are other ways to do .

here
fork()
exec()
exit()
wait()
inter process communication
How Unix Works: Become a Better Software Engineer
more
setuid
setgid