Domain Implementation in Unix
Domain is associated with users.
Processes are generally executed in the domain of their users.
Each file has permission bits for owner, group and world (rwxrwxrwx).
A switch from a domain to another domain can be accomplished via the file system:
- If setuid bit on a program file is set, the program is executed in the domain of its owner, rather than in the domain of the process’ user.
- When would that be useful ?