Go to the previous, next section.

The Persona of a Process

At any time, each process has a single user ID and a group ID which determine the privileges of the process. These are collectively called the persona of the process, because they determine "who it is" for purposes of access control. These IDs are also called the effective user ID and effective group ID of the process.

Your login shell starts out with a persona which consists of your user ID and your default group ID. In normal circumstances, all your other processes inherit these values.

A process also has a real user ID which identifies the user who created the process, and a real group ID which identifies that user's default group. These values do not play a role in access control, so we do not consider them part of the persona. But they are also important.

Both the real and effective user ID can be changed during the lifetime of a process. See section Why Change the Persona of a Process?.

In addition, a user can belong to multiple groups, so the persona includes supplementary group IDs that also contribute to access permission.

For details on how a process's effective user IDs and group IDs affect its permission to access files, see section How Your Access to a File is Decided.

The user ID of a process also controls permissions for sending signals using the kill function. See section Signaling Another Process.

Go to the previous, next section.