July 2019
Intermediate to advanced
480 pages
9h 35m
Chinese
Content preview from 持續交付|使用Java
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
102
| 第六章
用戶、權限與群組
Linux 作業系統(OS)可以像其他作業系統一樣執行多工,從一開始,Linux 在設計上
就是可讓多位用戶同時操作系統的。為了讓這種多用戶的設計妥善地運作,它必須設法
避免用戶互相影響。在實作 CD 時,了解這種用戶概念非常重要,因為你通常會建立讓
多位、不同的用戶運行的組建管道。開發者在任何環境中執行 Java app 時,通常都以
root 用戶(一種預設全能的用戶,可以在 Linux OS 上存取所有檔案與使用所有命令)
的身分執行 app(可能是因為他們習慣在本地這樣做)。但是當你在生產環境執行 app
時,務必使用特定的用戶,以及最低權限。
用戶與最小權限原則
在 IT 與電腦科學領域中,
最小權限原則
(
principle of least privilege
,也稱為
principle of minimal privilege
或
principle of least authority
)的意思是,在計算環
境的特定抽象層中,每一個模組(例如用戶、程序或程式,依主題而定)都只
能夠存取(使用)實現合法目的所需的資訊與資源。當你執行 Java app 時,這
個原則的意思是:只讓用戶帳戶擁有執行其預期功能所需的權限。例如,執行
典型的 Java app 的 OS 用戶可以訪問所需的部分本地檔案系統與網路,但無法
安裝新軟體。
最小權限原則的好處包括:
讓系統更穩定
當你限制程式碼可以對系統進行改變的範圍時,你就更容易測試它可能的
動作,以及與其他 app 的互動。
讓系統更安全 ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.