Practical UNIX & Internet Security

Practical UNIX & Internet SecuritySearch this book
Previous: C.1 About ProcessesAppendix C
UNIX Processes
Next: C.3 Signals
 

C.2 Creating Processes

A UNIX process can create a new process with the fork() system function.[6] fork() makes an identical copy of the calling process, with the exception that one process is identified as the parent or parent process, while the other is identified as the child or child process.

[6] fork is really a family of system calls. There are several variants of the fork call, depending on the version of UNIX that is being used, including the vfork() call, special calls to create a traced process, and calls to create a special kind of process known as a thread.

Note the following differences between child and parent:

The exec family of system functions lets a process change the program that it's running. Processes terminate when they call the _exit system function or when they generate an exception, such as an attempt to use an illegal instruction or address an invalid region of memory.

UNIX uses special programs, called shells (/bin/ksh, /bin/sh, and /bin/csh are all common shells) to read commands from the user and run other programs. The shell runs other programs by first executing one of the fork family of instructions to create a near-duplicate second process; the second process then uses one of the exec family of calls to run a new program, while the first process waits until the second process finishes. This technique is used to run virtually every program in UNIX, from small programs like /bin/ls to large programs like word processors.

If all of the processes on the system suddenly die (or exit), the computer would be unusable, because there would be no way of starting a new process. In practice this scenario never occurs, for reasons that will be described later.


Previous: C.1 About ProcessesPractical UNIX & Internet SecurityNext: C.3 Signals
C.1 About ProcessesBook IndexC.3 Signals