path_resolution

Autres langues

Langue: ja

Autres versions - même langue

Version: 2004-06-21 (openSuse - 09/10/07)

Autres sections - même nom

Section: 7 (Divers)

Sommaire

̾Á°

Unix/Linux path resolution - ¥Õ¥¡¥¤¥ë̾¤Ç»²¾È¤µ¤ì¤ë¥Õ¥¡¥¤¥ë¤ò¸«¤Ä¤±¤ë

ÀâÌÀ

¤¤¤¯¤Ä¤«¤Î Unix/Linux ¥·¥¹¥Æ¥à¥³¡¼¥ë¤Ï¡¢ 1 ¤Ä°Ê¾å¤Î¥Õ¥¡¥¤¥ë̾¤ò°ú¤­¿ô¤È¤·¤Æ»ý¤Ä¡£ ¥Õ¥¡¥¤¥ë̾ (¤Þ¤¿¤Ï¥Ñ¥¹Ì¾) ¤Ï°Ê²¼¤Î¤è¤¦¤Ë¤·¤Æ²ò·è¤µ¤ì¤ë¡£

¥¹¥Æ¥Ã¥× 1: ²ò·è²áÄø¤ò³«»Ï¤¹¤ë

¥Ñ¥¹Ì¾¤¬ '/' ʸ»ú¤Ç»Ï¤Þ¤Ã¤Æ¤¤¤ë¾ì¹ç¡¢ ¥Ç¥£¥ì¥¯¥È¥ê¸¡º÷¤Î³«»ÏÅÀ¤Ï¸½ºß¤Î¥×¥í¥»¥¹¤Î¥ë¡¼¥È¥Ç¥£¥ì¥¯¥È¥ê¤Ë¤Ê¤ë¡£ (¥×¥í¥»¥¹¤Ï¥ë¡¼¥È¥Ç¥£¥ì¥¯¥È¥ê¤ò¿Æ¥×¥í¥»¥¹¤«¤é·Ñ¾µ¤¹¤ë¡£ Ä̾ï¤Ï¡¢¤³¤ì¤¬¥Õ¥¡¥¤¥ë³¬ÁؤΥ롼¥È¥Ç¥£¥ì¥¯¥È¥ê¤Ë¤Ê¤ë¡£ ¥×¥í¥»¥¹¤Ï chroot(2) ¥·¥¹¥Æ¥à¥³¡¼¥ë¤ò»È¤Ã¤ÆÊ̤Υ롼¥È¥Ç¥£¥ì¥¯¥È¥ê¤ò¼èÆÀ¤¹¤ë¤³¤È¤â¤Ç¤­¤ë¡£ ¤³¤Î¾ì¹ç¡¢¤½¤Î¥×¥í¥»¥¹¤È CLONE_NEWNS ¥Õ¥é¥°¤òÀßÄꤷ¤Æ clone(2) ¤ò¸Æ¤Ó½Ð¤¹¤³¤È¤Ë¤è¤Ã¤Æ³«»Ï¤µ¤ì¤¿¤½¤Î¥×¥í¥»¥¹¤Î»Ò¹¤Ï¡¢ ´°Á´¤Ë¥×¥é¥¤¥Ù¡¼¥È¤Ê̾Á°¶õ´Ö¤ò¼èÆÀ¤Ç¤­¤ë¡£) ¥Ñ¥¹Ì¾¤Î '/' ¤ÎÉôʬ¤Ï¡¢¤³¤Î¤è¤¦¤Ë¤·¤Æ°·¤ï¤ì¤ë¡£

¥Ñ¥¹Ì¾¤¬ '/' ʸ»ú¤Ç»Ï¤Þ¤Ã¤Æ¤¤¤Ê¤¤¾ì¹ç¡¢ ²ò·è²áÄø¤Ë¤ª¤±¤ë¥Ç¥£¥ì¥¯¥È¥ê¸¡º÷¤Î³«»ÏÅÀ¤Ï¡¢ ¥×¥í¥»¥¹¤Î¸½ºß¤Îºî¶È (working) ¥Ç¥£¥ì¥¯¥È¥ê¤È¤Ê¤ë¡£ (¤³¤ì¤â¿Æ¥×¥í¥»¥¹¤«¤é·Ñ¾µ¤µ¤ì¤ë¡£ ¤³¤ì¤Ï chdir(2) ¥·¥¹¥Æ¥à¥³¡¼¥ë¤ò»È¤¦¤³¤È¤ÇÊѹ¹¤Ç¤­¤ë¡£)

'/' ʸ»ú¤Ç»Ï¤Þ¤ë¥Ñ¥¹Ì¾¤ÏÀäÂХѥ¹Ì¾¤È¸Æ¤Ð¤ì¡¢ '/' ʸ»ú¤Ç»Ï¤Þ¤é¤Ê¤¤¥Ñ¥¹Ì¾¤ÏÁêÂХѥ¹Ì¾¤È¸Æ¤Ð¤ì¤ë¡£

¥¹¥Æ¥Ã¥× 2: ¥Ñ¥¹¤òé¤ë

¸½ºß¤Î¸¡º÷¥Ç¥£¥ì¥¯¥È¥ê¤ò¥Ç¥£¥ì¥¯¥È¥ê¸¡º÷¤Î³«»ÏÅÀ¤È¤¹¤ë¡£ ¤½¤·¤Æ¡¢¥Ñ¥¹Ì¾¤ÎºÇ¸å¤Î¹½À®Í×ÁÇ (component) ¤Ç¤Ê¤¤³Æ¹½À®Í×ÁǤˤĤ¤¤Æ¡¢ ¸½ºß¤Î¸¡º÷¥Ç¥£¥ì¥¯¥È¥ê¤Ç¸¡º÷¤ò¹Ô¤¦¡£ ¤³¤³¤Ç¹½À®Í×ÁÇ¤Ï '/' ¤Ç¶èÀÚ¤é¤ì¤¿Éôʬʸ»úÎó¤Ç¤¢¤ë¡£

¥×¥í¥»¥¹¤¬¸½ºß¤Î¸¡º÷¥Ç¥£¥ì¥¯¥È¥ê¤Î¸¡º÷µö²Ä¤ò»ý¤¿¤Ê¤¤¾ì¹ç¡¢ EACCES ¥¨¥é¡¼¤¬ÊÖ¤µ¤ì¤ë ("Permission denied")¡£

¹½À®Í×ÁǤ¬¸«¤Ä¤«¤é¤Ê¤¤¾ì¹ç¡¢ENOENT ¥¨¥é¡¼¤¬ÊÖ¤µ¤ì¤ë ("No such file or directory")¡£

¹½À®Í×ÁǤϸ«¤Ä¤«¤Ã¤¿¤¬¡¢¥Ç¥£¥ì¥¯¥È¥ê¤Ç¤â¥·¥ó¥Ü¥ê¥Ã¥¯¥ê¥ó¥¯¤Ç¤â¤Ê¤¤¾ì¹ç¡¢ ENOTDIR ¥¨¥é¡¼¤¬ÊÖ¤µ¤ì¤ë ("Not a directory")¡£

¹½À®Í×ÁǤ¬¸«¤Ä¤«¤Ã¤Æ¡¢¤«¤Ä¥Ç¥£¥ì¥¯¥È¥ê¤Ç¤¢¤ë¾ì¹ç¡¢ ¸½ºß¤Î¸¡º÷¥Ç¥£¥ì¥¯¥È¥ê¤ò¤½¤Î¥Ç¥£¥ì¥¯¥È¥ê¤ËÀßÄꤷ¡¢ ¼¡¤Î¹½À®Í×ÁǤ˰ÜÆ°¤¹¤ë¡£

¹½À®Í×ÁǤ¬¸«¤Ä¤«¤Ã¤Æ¡¢¤«¤Ä¥·¥ó¥Ü¥ê¥Ã¥¯¥ê¥ó¥¯ (symlink) ¤Ç¤¢¤ë¾ì¹ç¡¢ (¸½ºß¤Î¸¡º÷¥Ç¥£¥ì¥¯¥È¥ê¤ò¥Ç¥£¥ì¥¯¥È¥ê¸¡º÷¤Î³«»ÏÅÀ¤È¤·¤Æ) ºÇ½é¤Ë¤½¤Î¥·¥ó¥Ü¥ê¥Ã¥¯¥ê¥ó¥¯¤ò²ò·è¤¹¤ë¡£ ·ë²Ì¤¬¥Ç¥£¥ì¥¯¥È¥ê¤Ç¤Ê¤¤¾ì¹ç¡¢ENOTDIR ¥¨¥é¡¼¤¬ÊÖ¤µ¤ì¤ë¡£ ¥·¥ó¥Ü¥ê¥Ã¥¯¥ê¥ó¥¯¤Î²ò·è¤¬À®¸ù¤·¤Æ¥Ç¥£¥ì¥¯¥È¥ê¤¬ÊÖ¤µ¤ì¤¿¾ì¹ç¡¢ ¤½¤Î¥Ç¥£¥ì¥¯¥È¥ê¤ò¸½ºß¤Î¸¡º÷¥Ç¥£¥ì¥¯¥È¥ê¤È¤·¤ÆÀßÄꤷ¡¢ ¼¡¤Î¹½À®Í×ÁǤ˰ÜÆ°¤¹¤ë¡£ ²ò·è²áÄø¤ËºÆµ¢¤¬´Þ¤Þ¤ì¤ëÅÀ¤ËÃí°Õ¤¹¤ë¤³¤È¡£ ¥«¡¼¥Í¥ë¤ò¥¹¥¿¥Ã¥¯¥ª¡¼¥Ð¡¼¥Õ¥í¡¼¤ä ¥µ¡¼¥Ó¥¹µñÈÝ (denial of service) ¤«¤é¼é¤ë¤¿¤á¡¢ ºÆµ¢¤ÎºÇÂç¤Î¿¼¤µ¤È¥·¥ó¥Ü¥ê¥Ã¥¯¥ê¥ó¥¯¤òé¤ëºÇÂç²ó¿ô¤ËÀ©¸Â¤¬¤¢¤ë¡£ ºÇÂçÃͤòĶ¤¨¤¿¾ì¹ç ELOOP ¥¨¥é¡¼¤¬ÊÖ¤µ¤ì¤ë ("Too many levels of symbolic links")¡£

¥¹¥Æ¥Ã¥× 3: ºÇ¸å¤Î¥¨¥ó¥È¥ê¤ò¸«¤Ä¤±¤ë

¥Ñ¥¹Ì¾¤ÎºÇ¸å¤Î¹½À®Í×ÁǤθ¡º÷¤Ï¡¢Á°¤Î¥¹¥Æ¥Ã¥×¤ÇÀâÌÀ¤·¤¿ ¾¤ÎÁ´¤Æ¤Î¹½À®Í×ÁǤÈƱ¤¸¤è¤¦¤Ë¼Â¹Ô¤µ¤ì¤ë¤¬¡¢2 ¤Ä¤Î°ã¤¤¤¬¤¢¤ë¡£ (i) ºÇ¸å¤Î¹½À®Í×ÁǤϥǥ£¥ì¥¯¥È¥ê¤Ç¤¢¤ëɬÍפ¬¤Ê¤¤ (¥Ñ¥¹²ò·è²áÄø¤Ë´Ø¤¹¤ë¸Â¤ê¤Ï¤É¤Á¤é¤Ç¤â¹½¤ï¤Ê¤¤ --- ÆÃÄê¤Î¥·¥¹¥Æ¥à¥³¡¼¥ë¤¬Í׵᤹¤ë¤â¤Î¤Ë¤è¤Ã¤Æ¡¢ ¥Ç¥£¥ì¥¯¥È¥ê¤Ç¤Ê¤±¤ì¤Ð¤Ê¤é¤Ê¤¤¾ì¹ç¤â¤¢¤ë¤·¡¢ ¥Ç¥£¥ì¥¯¥È¥ê°Ê³°¤Ç¤Ê¤±¤ì¤Ð¤Ê¤é¤Ê¤¤¾ì¹ç¤â¤¢¤ë)¡£ (ii) ¹½À®Í×ÁǤ¬¸«¤Ä¤«¤é¤Ê¤¤¾ì¹ç¤Ë¥¨¥é¡¼¤Ë¤¹¤ëɬÍפϤʤ¤ --- ¤½¤Î¹½À®Í×ÁǤòºîÀ®¤¹¤ë¤À¤±¤Ç¤è¤¤¾ì¹ç¤â¤¢¤ë¡£ ºÇ¸å¤Î¥¨¥ó¥È¥ê¤Î¾ÜºÙ¤Ê°·¤¤¤Ï¡¢ ÆÃÄê¤Î¥·¥¹¥Æ¥à¥³¡¼¥ë¤Î man ¥Ú¡¼¥¸¤ÇÀâÌÀ¤µ¤ì¤Æ¤¤¤ë¡£

. ¤È ..

´·½¬¤È¤·¤Æ¡¢Á´¤Æ¤Î¥Ç¥£¥ì¥¯¥È¥ê¤Ï¥¨¥ó¥È¥ê "." ¤È ".." ¤ò»ý¤Ä¡£ ¤³¤ì¤é¤Ï¤½¤ì¤¾¤ì¡¢¤½¤Î¥Ç¥£¥ì¥¯¥È¥ê¼«¿È¤È¤½¤Î¿Æ¥Ç¥£¥ì¥¯¥È¥ê¤ò»²¾È¤¹¤ë¡£

¥Ñ¥¹²ò·è²áÄø¤Ç¤Ï¡¢¤³¤ì¤é¤Î¥¨¥ó¥È¥ê¤¬ÊªÍýŪ¤Ê¥Õ¥¡¥¤¥ë¥·¥¹¥Æ¥à¤Ë ¼ÂºÝ¤Ë¸ºß¤¹¤ë¤«Èݤ«¤Ë´Ø¤ï¤é¤º¡¢´·½¬Åª¤Ê°ÕÌ£¤ò»ý¤Ä¤È²¾Äꤹ¤ë¡£

¥ë¡¼¥È¤è¤ê¾å¤Ëé¤ë¤³¤È¤Ï¤Ç¤­¤Ê¤¤: "/.." ¤Ï "/" ¤ÈƱ¤¸¤Ç¤¢¤ë¡£

¥Þ¥¦¥ó¥È°ÌÃÖ

"mount dev path" ¥³¥Þ¥ó¥É¤ò¼Â¹Ô¤·¤¿¸å¡¢ ¥Ñ¥¹Ì¾ "path" ¤Ï¥Ç¥Ð¥¤¥¹ "dev" ¾å¤Î¥Õ¥¡¥¤¥ë¥·¥¹¥Æ¥à³¬ÁؤΠ¥ë¡¼¥È¥Ç¥£¥ì¥¯¥È¥ê¤ò»²¾È¤¹¤ë¤è¤¦¤Ë¤Ê¤ê¡¢°ÊÁ°¤Î°ÌÃÖ¤ò»²¾È¤·¤Ê¤¤¡£

¥Þ¥¦¥ó¥È¤µ¤ì¤¿¥Õ¥¡¥¤¥ë¥·¥¹¥Æ¥à¤Î³°¤Ë½Ð¤ë¤³¤È¤¬¤Ç¤­¤ë: "path/.." ¤Ï "dev" ¾å¤Î¥Õ¥¡¥¤¥ë¥·¥¹¥Æ¥à³¬Áؤγ°¤Ç¤¢¤ë "path" ¤Î¿Æ¥Ç¥£¥ì¥¯¥È¥ê¤ò»²¾È¤¹¤ë¡£

ËöÈø¤Î¥¹¥é¥Ã¥·¥å

¥Ñ¥¹Ì¾¤¬ '/' ¤Ç½ª¤ï¤Ã¤Æ¤¤¤ë¾ì¹ç¡¢ ¥¹¥Æ¥Ã¥× 2 ¤Ë¤ª¤¤¤Æ¡¢¤½¤ÎÁ°¤Ë¤¢¤ë¹½À®Í×ÁǤβò·èË¡¤ò¼¡¤Î¤è¤¦¤Ë¶¯À©¤¹¤ë: ¤½¤Î¹½À®Í×ÁǤ¬Â¸ºß¤·¤Ê¤±¤ì¤Ð¤Ê¤é¤º¡¢¥Ç¥£¥ì¥¯¥È¥ê¤È¤·¤Æ²ò·è¤µ¤ì¤ë¡£ ¸ºß¤·¤Ê¤¤¾ì¹ç¤Ï¡¢ËöÈø¤Î '/' ¤¬Ìµ»ë¤µ¤ì¤ë¡£ (¤Þ¤¿Æ±Íͤˡ¢ËöÈø¤Ë '/' ¤¬¤¢¤ë¥Ñ¥¹Ì¾¤Ï¡¢ '.' ¤òËöÈø¤Ë²Ã¤¨¤ÆÆÀ¤é¤ì¤ë¥Ñ¥¹Ì¾¤ÈÅù¤·¤¤¡£)

ºÇ¸å¤¬¥·¥ó¥Ü¥ê¥Ã¥¯¥ê¥ó¥¯¤Î¤È¤­

¥Ñ¥¹Ì¾¤ÎºÇ¸å¤Î¹½À®Í×ÁǤ¬¥·¥ó¥Ü¥ê¥Ã¥¯¥ê¥ó¥¯¤Ç¤¢¤ë¾ì¹ç¡¢ »²¾È¤µ¤ì¤ë¥Õ¥¡¥¤¥ë¤ò¥·¥ó¥Ü¥ê¥Ã¥¯¥ê¥ó¥¯¤È¤¹¤ë¤«¡¢ ¤½¤ÎÆâÍƤˤĤ¤¤Æ¥Ñ¥¹¤ò²ò·è¤·¤¿·ë²Ì¤È¤¹¤ë¤«¤Ï¡¢ ¥·¥¹¥Æ¥à¥³¡¼¥ë¤Ë°Í¸¤¹¤ë¡£ ¤¿¤È¤¨¤Ð¡¢¥·¥¹¥Æ¥à¥³¡¼¥ë lstat(2) ¤Ï¥·¥ó¥Ü¥ê¥Ã¥¯¥ê¥ó¥¯¤ËºîÍѤ¹¤ë¡£ °ìÊý¡¢ stat(2) ¤Ï¥·¥ó¥Ü¥ê¥Ã¥¯¥ê¥ó¥¯¤Ç»Ø¤µ¤ì¤¿¥Õ¥¡¥¤¥ë¤ËºîÍѤ¹¤ë¡£

Ťµ¤ÎÀ©¸Â

¥Ñ¥¹Ì¾¤Ë¤ÏºÇÂ獬¤¢¤ë¡£ ¥Ñ¥¹Ì¾ (¤Þ¤¿¤Ï¥·¥ó¥Ü¥ê¥Ã¥¯¥ê¥ó¥¯¤ò²ò·è¤¹¤ë¤È¤­¤ËÆÀ¤é¤ì¤ëÃæ´Ö¥Ñ¥¹Ì¾) ¤¬ Ť¹¤®¤ë¾ì¹ç¡¢ENAMETOOLONG ¥¨¥é¡¼¤¬ÊÖ¤µ¤ì¤ë ("File name too long")¡£

¶õ¤Î¥Ñ¥¹Ì¾

¸µ¡¹¤Î Unix ¤Ç¤Ï¡¢¶õ¤Î¥Ñ¥¹Ì¾¤Ï¸½ºß¤Î¥Ç¥£¥ì¥¯¥È¥ê¤ò»²¾È¤·¤Æ¤¤¤¿¡£ ºÇ¶á¡¢POSIX ¤Ç¤Ï¶õ¤Î¥Ñ¥¹Ì¾¤ò²ò·è¤¹¤ë¤Ù¤­¤Ç¤Ï¤Ê¤¤¤È¤¤¤¦·èÄ꤬¤Ê¤µ¤ì¤¿¡£ ¤³¤Î¾ì¹ç¡¢Linux ¤Ï ENOENT ¤òÊÖ¤¹¡£

µö²Ä

¥Õ¥¡¥¤¥ë¤Îµö²Ä¥Ó¥Ã¥È¤Ï¡¢3 ÁȤΠ3 ¥Ó¥Ã¥È¤«¤é¹½À®¤µ¤ì¤ë¡£ chmod(1) ¤È stat(2) ¤ò»²¾È¤¹¤ë¤³¤È¡£ ¸½ºß¤Î¥×¥í¥»¥¹¤Î¼Â¸ú¥æ¡¼¥¶ ID ¤¬¥Õ¥¡¥¤¥ë¤Î½êÍ­¼Ô ID ¤ÈÅù¤·¤¤¾ì¹ç¡¢ 3 ¤Ä¤Î¤¦¤ÁºÇ½é¤Î¥°¥ë¡¼¥×¤¬»È¤ï¤ì¤ë¡£ ¥Õ¥¡¥¤¥ë¤Î¥°¥ë¡¼¥× ID ¤¬¸½ºß¤Î¥×¥í¥»¥¹¤Î¼Â¸ú¥°¥ë¡¼¥× ID ¤Þ¤¿¤Ï (setgroups(2) ¤ÇÀßÄꤵ¤ì¤ë) ¸½ºß¤Î¥×¥í¥»¥¹¤ÎÊä½õ (supplementary) ¥°¥ë¡¼¥× ID ¤ÈÅù¤·¤¤¾ì¹ç¡¢ 3 ¤Ä¤Î¤¦¤Á 2 ÈÖÌܤΥ°¥ë¡¼¥×¤¬»È¤ï¤ì¤ë¡£ ¤É¤Á¤é¤Ë¤âÅö¤Æ¤Ï¤Þ¤é¤Ê¤¤¾ì¹ç¡¢3 ÈÖÌܤΥ°¥ë¡¼¥×¤¬»È¤ï¤ì¤ë¡£

3 ¥Ó¥Ã¥È¤¬»È¤ï¤ì¤ë¾ì¹ç¡¢ºÇ½é¤Î¥Ó¥Ã¥È¤ÏÆɤ߹þ¤ßµö²Ä¤ò·èÄꤷ¡¢ 2 ÈÖÌܤΥӥåȤϽñ¤­¹þ¤ßµö²Ä¤ò·èÄꤹ¤ë¡£ ¤Þ¤¿ 3 ÈÖÌܤΥӥåȤϡ¢Ä̾ï¤Î¥Õ¥¡¥¤¥ë¤Î¾ì¹ç¤Ï¼Â¹Ôµö²Ä¤òɽ¤·¡¢ ¥Ç¥£¥ì¥¯¥È¥ê¤Î¾ì¹ç¤Ï¸¡º÷µö²Ä¤òɽ¤¹¡£

Linux ¤Ï¡¢µö²Ä¤Î¥Á¥§¥Ã¥¯¤Ë¤ª¤¤¤Æ¡¢¼Â¸ú¥æ¡¼¥¶ ID ¤Ç¤Ï¤Ê¤¯ fsuid ¤ò»È¤¦¡£ Ä̾ï¤Ï fsuid ¤Ï¼Â¸ú¥æ¡¼¥¶ ID ¤ÈÅù¤·¤¤¤¬¡¢fsuid ¤Ï¥·¥¹¥Æ¥à¥³¡¼¥ë setfsuid(2) ¤ÇÊѹ¹¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¡£

(¤³¤³¤Ç "fsuid" ¤Ï "file system user ID" ¤òɽ¤·¤Æ¤¤¤ë¡£ ¤³¤Î³µÇ°¤Ï¡Ö¥×¥í¥»¥¹¤¬Æ±¤¸¼Â¸ú¥æ¡¼¥¶ ID ¤ò»ý¤Ä¥×¥í¥»¥¹¤Ë Ʊ»þ¤Ë¥·¥°¥Ê¥ë¤òÁ÷¤ë¤³¤È¤¬¤Ç¤­¤ë¡×¤È¤¤¤¦¥æ¡¼¥¶¶õ´Ö NFS ¥µ¡¼¥Ð¤ò ¼ÂÁõ¤¹¤ëºÝ¤ËɬÍפǤ¢¤Ã¤¿¡£ ¤³¤ì¤Ïº£¤Ç¤ÏÇѤì¤Æ¤·¤Þ¤Ã¤¿¡£ setfsuid(2) ¤ò»È¤¦¤Ù¤­¤Ç¤Ï¤Ê¤¤¡£

ƱÍͤˡ¢Linux ¤Ç¤Ï¼Â¸ú¥°¥ë¡¼¥× ID ¤ÎÂå¤ï¤ê¤Ë fsgid ("¥Õ¥¡¥¤¥ë¥·¥¹¥Æ¥à¡¦¥°¥ë¡¼¥×ID") ¤ò»È¤¦¡£ setfsgid(2) ¤ò»²¾È¤¹¤ë¤³¤È¡£

µö²Ä¤Î³Îǧ¤ò¥¹¥­¥Ã¥×¤¹¤ë: ¥¹¡¼¥Ñ¡¼¥æ¡¼¥¶¤È¥±¡¼¥Ñ¥Ó¥ê¥Æ¥£

ÅÁÅýŪ¤Ê Unix ¥·¥¹¥Æ¥à¤Ç¤Ï¡¢¥¹¡¼¥Ñ¡¼¥æ¡¼¥¶ (root, ¥æ¡¼¥¶ ID 0) ¤ÏÈó¾ï¤Ë¶¯ÎϤǤ¢¤ê¡¢¥Õ¥¡¥¤¥ë¥¢¥¯¥»¥¹»þ¤Î µö²Ä¤Ë¤è¤ëÀ©¸Â¤òÁ´¤Æ¥¹¥­¥Ã¥×¤¹¤ë¡£

Linux ¤Ç¤Ï¡¢¥¹¡¼¥Ñ¡¼¥æ¡¼¥¶¸¢¸Â¤¬Ê£¿ô¤Î¥±¡¼¥Ñ¥Ó¥ê¥Æ¥£¤Ëʬ³ä¤µ¤ì¤Æ¤¤¤ë (capabilities(7) »²¾È)¡£¥Õ¥¡¥¤¥ë¤Îµö²Ä¤Î³Îǧ¤Ë¤Ï¡¢ CAP_DAC_OVERRIDE ¤È CAP_DAC_READ_SEARCH ¤Î 2¤Ä¤Î¥±¡¼¥Ñ¥Ó¥ê¥Æ¥£¤¬´Ø·¸¤¹¤ë (¥×¥í¥»¥¹¤Î fsuid ¤¬ 0 ¤Î¾ì¹ç¡¢¤½¤Î¥×¥í¥»¥¹¤Ï¤³¤ì¤é¤Î¥±¡¼¥Ñ¥Ó¥ê¥Æ¥£¤ò»ý¤Ä)¡£

CAP_DAC_OVERRIDE ¥±¡¼¥Ñ¥Ó¥ê¥Æ¥£¤ÏÁ´¤Æ¤Îµö²Ä¥Á¥§¥Ã¥¯¤ò¾å½ñ¤­¤¹¤ë¡£ ¼ÂºÝ¤Ë¤Ï¡¢ÂоݤȤʤë¥Õ¥¡¥¤¥ë¤Î 3 ¤Ä¤Î¼Â¹Ôµö²Ä¥Ó¥Ã¥È¤Î¤¦¤Á¤Î ¾¯¤Ê¤¯¤È¤â 1 ¤Ä¤¬ÀßÄꤵ¤ì¤Æ¤¤¤ì¤Ð¡¢¼Â¹Ô¤òµö²Ä¤¹¤ë¤À¤±¤Ç¤¢¤ë¡£

CAP_DAC_READ_SEARCH ¥±¡¼¥Ñ¥Ó¥ê¥Æ¥£¤Ï¡¢ ¥Ç¥£¥ì¥¯¥È¥ê¤ËÂФ·¤ÆÆɤ߹þ¤ß¤È¸¡º÷¤òµö²Ä¤·¡¢ Ä̾ï¤Î¥Õ¥¡¥¤¥ë¤ËÂФ·¤ÆÆɤ߹þ¤ß¤òµö²Ä¤¹¤ë¡£

´ØÏ¢¹àÌÜ

capabilities(7)