BSD Authentication , otherwise known as BSD Auth , is an authentication framework and software API employed by OpenBSD and accompanying software such as OpenSSH . It originated with BSD/OS , and although the specification and implementation were donated to the FreeBSD project by BSDi , OpenBSD chose to adopt the framework in release 2.9. Pluggable Authentication Modules (PAM) serves a similar purpose on other operating systems such as Linux , FreeBSD and NetBSD .
21-587: BSD Auth performs authentication by executing scripts or programs as separate processes from the one requiring the authentication. This prevents the child authentication process from interfering with the parent except through a narrowly defined inter-process communication API, a technique inspired by the principle of least privilege and known as privilege separation . This behaviour has significant security benefits, notably improved fail-safeness of software, and robustness against malicious and accidental software bugs . This computer-library -related article
42-402: A shell pipeline , the output of the first process needs to pass to the second one, and so on. Another example is a task that has been decomposed into cooperating but partially independent processes which can run simultaneously (i.e., using concurrency, or true parallelism – the latter model is a particular case of concurrent execution and is feasible whenever multiple CPU cores are available for
63-740: A virtual memory system, where regions of a process's memory may be really on disk and not in main memory at any time. Even portions of active processes/tasks (executing programs) are eligible for swapping to disk, if the portions have not been used recently. Not all parts of an executing program and its data have to be in physical memory for the associated process to be active. An operating system kernel that allows multitasking needs processes to have certain states . Names for these states are not standardised, but they have similar functionality. When processes need to communicate with each other they must share parts of their address spaces or use other forms of inter-process communication (IPC). For instance in
84-521: A large increase in communication when compared to a regular monolithic kernel. IPC interfaces generally encompass variable analytic framework structures. These processes ensure compatibility between the multi-vector protocols upon which IPC models rely. An IPC mechanism is either synchronous or asynchronous. Synchronization primitives may be used to have synchronous behavior with an asynchronous IPC mechanism. Merging data from two processes can often incur significantly higher costs compared to processing
105-457: A single process at a time. However, multitasking allows each processor to switch between tasks that are being executed without having to wait for each task to finish ( preemption ). Depending on the operating system implementation, switches could be performed when tasks initiate and wait for completion of input/output operations, when a task voluntarily yields the CPU, on hardware interrupts , and when
126-403: A time: it is impossible to run more programs at the same time. A program might need some resource , such as an input device, which has a large delay, or a program might start some slow operation, such as sending output to a printer. This would lead to processor being "idle" (unused). To keep the processor busy at all times, the execution of such a program is halted and the operating system switches
147-416: Is "something that takes up time", as opposed to "memory", which is "something that takes up space". The above description applies to both processes managed by an operating system, and processes as defined by process calculi . If a process requests something for which it must wait, it will be blocked. When the process is in the blocked state , it is eligible for swapping to disk, but this is transparent in
168-486: Is a stub . You can help Misplaced Pages by expanding it . This Unix -related article is a stub . You can help Misplaced Pages by expanding it . Process (computing) In computing , a process is the instance of a computer program that is being executed by one or many threads . There are many different process models, some of which are light weight, but almost all processes (even entire virtual machines ) are rooted in an operating system (OS) process which comprises
189-465: Is called concurrency . For security and reliability, most modern operating systems prevent direct communication between independent processes, providing strictly mediated and controlled inter-process communication. In general, a computer system process consists of (or is said to own ) the following resources: The operating system holds most of this information about active processes in data structures called process control blocks . Any subset of
210-403: Is said to own resources, of which an image of its program (in memory) is one such resource. However, in multiprocessing systems many processes may run off of, or share, the same reentrant program at the same location in memory, but each process is said to own its own image of the program. Processes are often called "tasks" in embedded operating systems. The sense of "process" (or task)
231-399: Is the execution of those instructions after being loaded from the disk into memory. Several processes may be associated with the same program; for example, opening up several instances of the same program often results in more than one process being executed. Multitasking is a method to allow multiple processes to share processors (CPUs) and other system resources. Each CPU (core) executes
SECTION 10
#1733084696577252-536: The advent of concepts such as time-sharing , computer networks , and multiple-CPU shared memory computers, the old "multiprogramming" gave way to true multitasking , multiprocessing and, later, multithreading . Inter-process communication In computer science , inter-process communication ( IPC ), also spelled interprocess communication , are the mechanisms provided by an operating system for processes to manage shared data. Typically, applications can use IPC, categorized as clients and servers , where
273-451: The appearance of many processes executing simultaneously (that is, in parallel ), though in fact only one process can be executing at any one time on a single CPU (unless the CPU has multiple cores, then multithreading or other similar technologies can be used). It is usual to associate a single process with a main program, and child processes with any spin-off, parallel processes, which behave like asynchronous subroutines. A process
294-403: The client requests data and the server responds to client requests. Many applications are both clients and servers, as commonly seen in distributed computing . IPC is very important to the design process for microkernels and nanokernels , which reduce the number of functionalities provided by the kernel. Those functionalities are then obtained by communicating with servers via IPC, leading to
315-743: The operating system scheduler decides that a process has expired its fair share of CPU time (e.g, by the Completely Fair Scheduler of the Linux kernel ). A common form of multitasking is provided by CPU's time-sharing that is a method for interleaving the execution of users' processes and threads, and even of independent kernel tasks – although the latter feature is feasible only in preemptive kernels such as Linux . Preemption has an important side effect for interactive processes that are given higher priority with respect to CPU bound processes, therefore users are immediately assigned computing resources at
336-618: The processes that are ready to run). It is even possible for two or more processes to be running on different machines that may run different operating system (OS), therefore some mechanisms for communication and synchronization (called communications protocols for distributed computing) are needed (e.g., the Message Passing Interface {MPI}). By the early 1960s, computer control software had evolved from monitor control software , for example IBSYS , to executive control software . Over time, computers got faster while computer time
357-400: The processor to run another program. To the user, it will appear that the programs run at the same time (hence the term "parallel"). Shortly thereafter, the notion of a "program" was expanded to the notion of an "executing program and its context". The concept of a process was born, which also became necessary with the invention of re-entrant code . Threads came somewhat later. However, with
378-444: The program code, assigned system resources, physical and logical access permissions, and data structures to initiate, control and coordinate execution activity. Depending on the OS, a process may be made up of multiple threads of execution that execute instructions concurrently . While a computer program is a passive collection of instructions typically stored in a file on disk, a process
399-607: The resources, typically at least the processor state, may be associated with each of the process' threads in operating systems that support threads or child processes. The operating system keeps its processes separate and allocates the resources they need, so that they are less likely to interfere with each other and cause system failures (e.g., deadlock or thrashing ). The operating system may also provide mechanisms for inter-process communication to enable processes to interact in safe and predictable ways. A multitasking operating system may just switch between processes to give
420-428: The simple pressing of a key or when moving a mouse. Furthermore, applications like video and music reproduction are given some kind of real-time priority, preempting any other lower priority process. In time-sharing systems, context switches are performed rapidly, which makes it seem like multiple processes are being executed simultaneously on the same processor. This seemingly-simultaneous execution of multiple processes
441-626: Was still neither cheap nor fully utilized; such an environment made multiprogramming possible and necessary. Multiprogramming means that several programs run concurrently . At first, more than one program ran on a single processor, as a result of underlying uniprocessor computer architecture, and they shared scarce and limited hardware resources; consequently, the concurrency was of a serial nature. On later systems with multiple processors , multiple programs may run concurrently in parallel . Programs consist of sequences of instructions for processors. A single processor can run only one instruction at
SECTION 20
#1733084696577#576423