Unix is a multitasking operating system. Every task that the computer is performing at any moment—every user running a word processor program, for example—has a process. The process is the operating system’s fundamental tool for controlling the computer.
Nearly everything that Unix does is done with a process. One process
displays the characters
login: on the
user’s terminal and reads the characters that the
user types to log into the system. Another process spools PostScript
to the laser printer. (If you don’t have a
PostScript-based printer, yet another process translates PostScript
into whatever language your printer happens to use—for example,
PCL.) On a workstation, a special process called the
window server displays text in windows on the
screen. (Another process called the window
manager lets the user move those windows around.)
At any given moment, the average Unix operating system might be running anywhere from a few dozen to several hundred different processes. Large multiuser systems typically run hundreds to thousands of processes, as Unix runs at least one process for every user who is logged in, another process for every program that every user is running, another process for every hardwired terminal that is waiting for a new user, and a few dozen processes to manage servers and background tasks.
But regardless of whether you are responsible for security on a small system or a large one, understanding how processes work and the process lifecycle is vital ...