[go: up one dir, main page]

CN114153801A - A file opening method, computing device and storage medium - Google Patents

A file opening method, computing device and storage medium Download PDF

Info

Publication number
CN114153801A
CN114153801A CN202111459427.4A CN202111459427A CN114153801A CN 114153801 A CN114153801 A CN 114153801A CN 202111459427 A CN202111459427 A CN 202111459427A CN 114153801 A CN114153801 A CN 114153801A
Authority
CN
China
Prior art keywords
file
absolute path
user
configuration file
user name
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111459427.4A
Other languages
Chinese (zh)
Inventor
马海亮
孟杰
薛皓琳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Uniontech Software Technology Co Ltd
Original Assignee
Uniontech Software Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Uniontech Software Technology Co Ltd filed Critical Uniontech Software Technology Co Ltd
Priority to CN202111459427.4A priority Critical patent/CN114153801A/en
Publication of CN114153801A publication Critical patent/CN114153801A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/16File or folder operations, e.g. details of user interfaces specifically adapted to file systems
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/17Details of further file system functions
    • G06F16/172Caching, prefetching or hoarding of files
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/17Details of further file system functions
    • G06F16/176Support for shared access to files; File sharing support
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Human Computer Interaction (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a file opening method, a computing device and a storage medium, wherein the method comprises the following steps: when the operation of opening any file is monitored, acquiring an absolute path of the current file and a user name for opening the current file as a first absolute path and a first user name; judging whether an absolute path which is the same as the first absolute path exists in the configuration file or not; if yes, acquiring a user name corresponding to the same absolute path as the first absolute path, and taking the user name as a second user name; and judging whether the first user name is the same as the second user name or not, and if so, opening the current file. According to the file opening method, whether the current user is the user with the operation authority can be judged more comprehensively and accurately, whether the file is opened or not can be judged more accurately, and data safety is improved.

Description

File opening method, computing device and storage medium
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a file opening method, a computing device, and a storage medium.
Background
With the rapid development of internet technology and the popularization of computing device applications, people can not leave computing devices more and more in scenes such as office and life, a large number of files can be involved in scenes such as office and life by using the computing devices, some confidential contents or privacy exist in the large number of files, and in order to protect the privacy of users, the authority of the files needs to be controlled strictly.
When the operation right of the file is not configured, only the root user can read, write and execute the file, and if other non-root users want to perform operations such as reading and writing on any file, the read-write right of the file is required to be configured and changed by the root user. In the prior art, a root user configures and changes the read-write permission of a non-root user to a file through a control instruction, but the configuration and the change of the operation permission of the non-root to the file are controlled through the control instruction, the user needs to be familiar with the control instruction, the learning cost of the user is increased, and the method is not friendly to a common root user, so that the complexity of controlling the operation permission of the file is increased.
Because the prior art does not have a mode of configuring file operation authority with simple operation, at present, there is no method for opening a file after configuring the file operation authority with simple operation.
Disclosure of Invention
To this end, the present invention provides a file opening method in an attempt to solve or at least alleviate the above-presented problems.
According to one aspect of the present invention, there is provided a file opening method, executed in a computing device, where a configuration file for configuring file authority is stored, and any data item of the configuration file includes an absolute path of the file and a user name allowing the file to be operated, the method including: when the operation of opening any file is monitored, acquiring an absolute path of the current file and a user name for opening the current file as a first absolute path and a first user name; judging whether an absolute path which is the same as the first absolute path exists in the configuration file or not; if the first absolute path exists, acquiring a user name corresponding to the same absolute path as the first absolute path as a second user name; and judging whether the first user name is the same as the second user name or not, and if so, opening the current file.
Optionally, the file opening method of the present invention further includes the steps of: and if the absolute path which is the same as the first absolute path does not exist in the configuration file, determining an access user which is allowed to operate the current file.
Optionally, the file opening method of the present invention further includes the steps of: and judging whether the first user is an access user allowing to operate the current file, if so, opening the current file, and if not, not opening the current file.
Optionally, before determining whether an absolute path that is the same as the first absolute path exists in the configuration file, the file opening method of the present invention further includes: and reading the data items of the configuration file and caching.
Optionally, the step of reading and caching the data items of the configuration file includes: reading data items of the configuration file from a starting position; caching the read data item; closing the configuration file after the reading is finished; and restoring the configuration file to the configuration state before reading.
Optionally, the step of determining whether an absolute path identical to the first absolute path exists in the configuration file includes: traversing each data item in the cache; and judging whether the absolute path in the currently traversed data item is the same as the first absolute path or not.
Optionally, the configuration file is pre-configured by the root user.
Optionally, any data item in the configuration file is in the form of a key-value pair, a key of the key-value pair is an absolute path of the file, and a key of the key-value pair is a user name allowing the file to be operated.
According to yet another aspect of the present invention, there is provided a computing device comprising: at least one processor; and a memory storing program instructions, wherein the program instructions are configured to be executed by the at least one processor, the program instructions comprising instructions for performing the method as described above.
According to another aspect of the present invention, there is provided a readable storage medium storing program instructions which, when read and executed by a computing device, cause the computing device to perform the method as described above.
According to the technical scheme of the invention, a file display method is provided, after a root user presets each file and a user enjoying the authority to operate the file, a configuration file is generated, the operation of opening the file by the user is responded, an absolute path of the current file and a user name for opening the current file are obtained and used as a first absolute path and a first user name, whether an absolute path which is the same as the first absolute path exists in the configuration file or not is judged, if yes, the operation authority of the root user to the file is configured, a user name which corresponds to the absolute path which is the same as the first absolute path is continuously obtained and used as a second user name, whether the first user name is the same as the second user name or not is judged, if so, the current user enjoys the authority to operate the file by the current user, the current file can be opened, and if not, the current user does not enjoy the authority to operate the file, then the file is not opened to avoid leakage of the file content, thereby improving data security. And when the configuration file does not have the absolute path which is the same as the first absolute path, the access user allowed by the current file is also determined, and the file is opened only when the current user is the access user allowed by the file, so that whether the current user is a user with operation authority or not is judged more comprehensively and accurately, whether the file is opened or not is judged more accurately, and the data security is also improved.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
To the accomplishment of the foregoing and related ends, certain illustrative aspects are described herein in connection with the following description and the annexed drawings, which are indicative of various ways in which the principles disclosed herein may be practiced, and all aspects and equivalents thereof are intended to be within the scope of the claimed subject matter. The above and other objects, features and advantages of the present disclosure will become more apparent from the following detailed description read in conjunction with the accompanying drawings. Throughout this disclosure, like reference numerals generally refer to like parts or elements.
FIG. 1 shows a block diagram of a computing device 100, according to one embodiment of the invention;
FIG. 2 shows a flow diagram of a file opening method 200 according to one embodiment of the invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
With the rapid development of internet technology and the popularization of computing device applications, people can not leave the computing device more and more in scenes such as office and life, people can relate to a large number of files in scenes such as office and life by using the computing device, and a certain confidential content or privacy exists in the large number of files, so that the authority of the files needs to be controlled strictly in order to protect the privacy of users.
The file authority types include read, write and execute, and the granularity of the file authority under an operating system (such as an L i nux operating system) includes three types, namely an owner, a group and other groups. Each file can set different read, write and execution rights for three granularities.
In most cases, only the root user can operate a file when the file is not subjected to authority control. If other non-root users want to perform operations such as reading and writing on any file, the root users need to configure and change the operation authority of the file.
In the prior art, a root user configures and changes the read-write permission of a non-root user to a file through a control instruction, but the configuration and the change of the read-write permission of the user to the file are controlled through the control instruction, the user needs to be familiar with the control instruction, the learning cost of the user is increased, and the method is not friendly to common users, so that the complexity of controlling the read-write permission of the file is increased.
Because the prior art does not have a mode of configuring file operation authority with simple operation, at present, there is no method for opening a file after configuring the file operation authority with simple operation.
In order to solve the above problem, the present invention provides a file opening method, which is executed in a computing device 100, and the computing device 100 may be implemented as a server, such as an application server, a Web server, etc.; but may also be implemented as a desktop computer, a notebook computer, a processor chip, a tablet computer, etc., but is not limited thereto. FIG. 1 shows a block diagram of a computing device 100, according to one embodiment of the invention. A block diagram of a computing device 100 As shown in FIG. 1, in a basic configuration 102, the computing device 100 typically includes a system memory 106 and one or more processors 104. A memory bus 108 may be used for communication between the processor 104 and the system memory 106.
Depending on the desired configuration, the processor 104 may be any type of processing, including but not limited to: a microprocessor (μ P), a microcontroller (μ C), a Digital Signal Processor (DSP), or any combination thereof. The processor 104 may include one or more levels of cache, such as a level one cache 110 and a level two cache 112, a processor core 114, and registers 116. The example processor core 114 may include an Arithmetic Logic Unit (ALU), a Floating Point Unit (FPU), a digital signal processing core (DSP core), or any combination thereof. The example memory controller 118 may be used with the processor 104, or in some implementations the memory controller 118 may be an internal part of the processor 104.
Depending on the desired configuration, system memory 106 may be any type of memory, including but not limited to: volatile memory (such as RAM), non-volatile memory (such as ROM, flash memory, etc.), or any combination thereof. System memory 106 may include an operating system 120, one or more applications 122, and program data 124. In some embodiments, application 122 may be arranged to operate with program data 124 on an operating system. Program data 124 includes instructions, and in computing device 100 according to the present invention, program data 124 contains instructions for performing file open method 200.
The computing device 100 also includes a storage device 132, the storage device 132 including removable storage 136 and non-removable storage 138, the removable storage 136 and the non-removable storage 138 each connected to the storage interface bus 134. In the present invention, the data related to each event occurring during the program execution process and the time information indicating the occurrence of each event may be stored in the storage device 132, and the operating system 120 is adapted to manage the storage device 132. The storage device 132 may be a magnetic disk.
Computing device 100 may also include an interface bus 140 that facilitates communication from various interface devices (e.g., output devices 142, peripheral interfaces 144, and communication devices 146) to the basic configuration 102 via the bus/interface controller 130. The example output device 142 includes an image processing unit 148 and an audio processing unit 150. They may be configured to facilitate communication with various external devices, such as a display or speakers, via one or more a/V ports 152. Example peripheral interfaces 144 may include a serial interface controller 154 and a parallel interface controller 156, which may be configured to facilitate communication with external devices such as input devices (e.g., keyboard, mouse, pen, voice input device, touch input device) or other peripherals (e.g., printer, scanner, etc.) via one or more I/O ports 158. An example communication device 146 may include a network controller 160, which may be arranged to facilitate communications with one or more other computing devices 162 over a network communication link via one or more communication ports 164.
A network communication link may be one example of a communication medium. Communication media may typically be embodied by computer readable instructions, data structures, program modules, and may include any information delivery media, such as carrier waves or other transport mechanisms, in a modulated data signal. A "modulated data signal" may be a signal that has one or more of its data set or its changes made in such a manner as to encode information in the signal. By way of non-limiting example, communication media may include wired media such as a wired network or private-wired network, and various wireless media such as acoustic, Radio Frequency (RF), microwave, infrared (I R), or other wireless media. The term computer readable media as used herein may include both storage media and communication media.
Computing device 100 may be implemented as a server, such as a file server, a database server, an application server, a WEB server, etc., or as part of a small-form factor portable (or mobile) electronic device, such as a cellular telephone, a Personal Digital Assistant (PDA), a personal media player device, a wireless WEB-watch device, a personal headset device, an application specific device, or a hybrid device that include any of the above functions. Computing device 100 may also be implemented as a personal computer including both desktop and notebook computer configurations. In some embodiments, the computing device 100 is configured to perform a file opening method 200 in accordance with the present invention.
FIG. 2 shows a flow diagram of a file opening method 200 according to one embodiment of the invention. The method 200 is suitable for being executed in a computing device 100 (such as the computing device shown in fig. 1), and can be applied to application scenes of websites, application programs and the like, wherein files which can only be accessed by a root user exist, and users who are authorized to operate the files are configured in a configuration file in advance by the root user. The file operation authority includes read, write, execute and other authorities of the file.
The file opening method 200 includes steps S201 to S213.
For a file which can only be operated by a root user, if the authority of operating the file is required to be shared by other users, the root user is required to change and configure the file operation authority. And the operation authority of the file is changed by the existing root user through the control instruction, and the learning cost of the root user is increased because the root user needs to know the operation instruction.
Therefore, the root user needs an easy way to change and configure the operation authority of the file, specifically: compared with the mode that the operation authority of the file is changed through a control instruction, the mode that the file operation authority is changed through the configuration file does not need the root user to learn the control instruction, learning cost is not needed, the complexity of controlling the file operation authority by the root user is reduced, and the method is more friendly to the root user.
For example, for any file, a key-value pair consisting of an absolute path of the file and a user name corresponding to the file may be written in the configuration file, where the absolute path of the file identifies a unique file, and the user name represents a user who has an operation authority of the file. That is, for any file, the operation authority of the file is configured in the form of a key value pair. Therefore, the generated configuration file comprises a plurality of key value pairs, and each key value pair is a data item configured for the operation authority of any file. Part of the contents of the configuration file are as follows:
/opt/test1.txt test1
/opt/test2.txt test2
/opt/test3.txt test3
in the above example, except for the root, the file/opt/test 1.txt only allows the test1 user to read, write and execute, the/opt/test 2.txt only allows the test2 user to read, write and execute, and the/opt/test 3.txt only allows the test3 user to read, write and execute.
After the root user completes the file operation permission change, that is, the configuration is generated, the saving interface is triggered to save the configuration file, and at this time, the computing device 100 responds to the operation of the root user to save the configuration file, and executes step S201 to store the configuration file. The storage mode of the configuration file is not limited, for example, the configuration file is stored locally.
When the operation of opening any file by the user is monitored, step S202 is executed to acquire the absolute path of the current file and the user name of the current file as the first absolute path and the first user name.
After the absolute path of the current file and the user name of the current file are obtained, step S203 is executed to read the data item of the configuration file and cache the data item. Specifically, the method comprises the following steps: and reading the data items of the configuration files from a database of a local or communication connected network server through the reading function, and caching the data items. The present invention does not limit the read function as long as the function that can read the data item of the configuration file is satisfied. For example, the read function may be a do _ sys _ open () function.
Step S203 is described in detail below with the read function being the do _ sys _ open () function as an example: reading the data items of the configuration file line by line from the initial position of the configuration file, caching the read data items, judging whether the reading is finished or not, if not, continuously reading the data of the configuration file and caching, if so, closing the configuration file, and restoring the configuration file to the configuration state before the reading so as to restore the configuration file to the initial state, thereby facilitating the subsequent access to the configuration file.
The following are examples of critical code that reads and caches data items of a configuration file:
Figure BDA0003389308360000071
after reading and caching the data items of the configuration file, executing step S204, traversing each data item in the cache, and continuing to execute step S205, determining whether an absolute path in the currently traversed data item is the same as the first absolute path, if so, executing step S206, obtaining a user name corresponding to the absolute path that is the same as the first absolute path, as a second user name, and if not, indicating that the root user does not configure the operation authority of the file, then executing step S207, and determining an access user allowed to the current file, where it can be understood that, when the root user does not configure the operation authority of the file, the user allowed to access the current file can be directly determined, and the allowed access user can be understood as a user that has access to the file set by the user when creating the file.
After the absolute path in the currently traversed data item is the same as the first absolute path and the user name (i.e., the second user name) corresponding to the file absolute path that is the same as the first absolute path is obtained, step S208 is continuously executed to determine whether the first user name is the same as the second user name, if so, the current user is a user in the configuration file that is corresponding to the absolute path of the file, i.e., the current user enjoys the authority to operate the file, step S209 is executed to open the current file. If the difference is not the same, it indicates that the current user is not the user corresponding to the absolute path of the file in the configuration file, that is, the current user does not have the authority to operate the file, then step S210 is executed to avoid leakage of the file content, and the read file is not opened.
And when the absolute path in the currently traversed data item is different from the first absolute path and the access user allowed by the current file is determined, continuing to execute step S211, determining whether the first user is the access user allowed by the current file, if so, executing step S209, and if not, indicating that the user currently opening the file is not the access user allowed, executing step S210 without opening the current file to avoid file content leakage.
It should be noted that step S201 is executed each time the root user configures the user operation authority and generates a configuration file, and step S202 to step S213 are executed each time the user opens a file in a scene such as an application or a website.
It can be known from the above content that, in the file opening method of the present invention, after the root user presets each file and the user enjoying the authority to operate the file, generates the configuration file, responds to the operation of the user to open the file, obtains the absolute path of the current file and the user name to open the current file, as the first absolute path and the first user name, determines whether the absolute path same as the first absolute path exists in the configuration file, if so, indicates that the root user has configured the operation authority of the file, continues to obtain the user name corresponding to the absolute path same as the first absolute path, as the second user name, and determines whether the first user name is the same as the second user name, if so, indicates that the current user enjoys the authority to operate the file, the current file can be opened, if not, indicates that the current user does not enjoy the authority to operate the file, then the file is not opened to avoid leakage of the file content, thereby improving data security. And when the absolute path which is the same as the first absolute path does not exist in the configuration file, the access user allowed by the current file is also determined, and the file is opened only when the current user is the access user allowed by the file, so that whether the current user is a user with an operation authority or not is judged more comprehensively and accurately, and the judgment accuracy and the data security of file opening are improved.
In addition, in the invention, the root user controls the operation authority of the file in the form of the configuration file, and does not need to learn how to generate the configuration file.
The various techniques described herein may be implemented in connection with hardware or software or, alternatively, with a combination of both. Thus, the methods and apparatus of the present invention, or certain aspects or portions thereof, may take the form of program code (i.e., instructions) embodied in tangible media, such as removable hard drives, U.S. disks, floppy disks, CD-ROMs, or any other machine-readable storage medium, wherein, when the program is loaded into and executed by a machine, such as a computer, the machine becomes an apparatus for practicing the invention.
In the case of program code execution on programmable computers, the computing device will generally include a processor, a storage medium readable by the processor (including volatile and non-volatile memory and/or storage elements), at least one input device, and at least one output device. Wherein the memory is configured to store program code; the processor is configured to perform the file opening method of the present invention according to instructions in the program code stored in the memory.
By way of example, and not limitation, readable media may comprise readable storage media and communication media. Readable storage media store information such as computer readable instructions, data structures, program modules or other data. Communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media. Combinations of any of the above are also included within the scope of readable media.
In the description provided herein, algorithms and displays are not inherently related to any particular computer, virtual system, or other apparatus. Various general purpose systems may also be used with examples of this invention. The required structure for constructing such a system will be apparent from the description above. Moreover, the present invention is not directed to any particular programming language. It is appreciated that a variety of programming languages may be used to implement the teachings of the present invention as described herein, and any descriptions of specific languages are provided above to disclose the best mode of the invention.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed method should not be interpreted as reflecting an intention that: that the invention as claimed requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.
Those skilled in the art will appreciate that the modules or units or components of the devices in the examples disclosed herein may be arranged in a device as described in this embodiment or alternatively may be located in one or more devices different from the devices in this example. The modules in the foregoing examples may be combined into one module or may be further divided into multiple sub-modules.
Those skilled in the art will appreciate that the modules in the device in an embodiment may be adaptively changed and disposed in one or more devices different from the embodiment. The modules or units or components of the embodiments may be combined into one module or unit or component, and furthermore they may be divided into a plurality of sub-modules or sub-units or sub-components. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or apparatus so disclosed, may be combined in any combination, except combinations where at least some of such features and/or processes or elements are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments described herein include some features included in other embodiments, rather than other features, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments. For example, in the claims, any of the claimed embodiments may be used in any combination.
Furthermore, some of the described embodiments are described herein as a method or combination of method elements that can be performed by a processor of a computer system or by other means of performing the described functions. A processor having the necessary instructions for carrying out the method or method elements thus forms a means for carrying out the method or method elements. Further, the elements of the apparatus embodiments described herein are examples of the following apparatus: the apparatus is used to implement the functions performed by the elements for the purpose of carrying out the invention.
As used herein, unless otherwise specified the use of the ordinal adjectives "first", "second", "third", etc., to describe a common object, merely indicate that different instances of like objects are being referred to, and are not intended to imply that the objects so described must be in a given sequence, either temporally, spatially, in ranking, or in any other manner.
While the invention has been described with respect to a limited number of embodiments, those skilled in the art, having benefit of this description, will appreciate that other embodiments can be devised which do not depart from the scope of the invention as described herein. Furthermore, it should be noted that the language used in the specification has been principally selected for readability and instructional purposes, and may not have been selected to delineate or circumscribe the inventive subject matter. Accordingly, many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the appended claims. The present invention has been disclosed in an illustrative rather than a restrictive sense, and the scope of the present invention is defined by the appended claims.

Claims (10)

1.一种文件打开方法,在计算设备中执行,所述计算设备中存储有用于配置文件权限的配置文件,所述配置文件的任一数据项包括文件的绝对路径和允许操作该文件的用户名,所述方法包括:1. A file opening method, executed in a computing device, in which a configuration file for configuring file authority is stored, wherein any data item of the configuration file includes the absolute path of the file and a user who is allowed to operate the file name, the method includes: 当监测到打开任一文件的操作时,获取当前文件的绝对路径和打开当前文件的用户名,作为第一绝对路径和第一用户名;When an operation of opening any file is detected, the absolute path of the current file and the user name of the user who opened the current file are obtained as the first absolute path and the first user name; 判断所述配置文件中是否存在与所述第一绝对路径相同的绝对路径;Determine whether there is an absolute path that is the same as the first absolute path in the configuration file; 若存在,则获取与所述第一绝对路径相同的绝对路径对应的用户名,作为第二用户名;If it exists, obtain the user name corresponding to the absolute path that is the same as the first absolute path, as the second user name; 判断所述第一用户名与所述第二用户名是否相同,若相同,打开当前文件。Determine whether the first user name and the second user name are the same, and if they are the same, open the current file. 2.如权利要求1所述的方法,还包括步骤:2. The method of claim 1, further comprising the step of: 若所述配置文件中不存在与所述第一绝对路径相同的绝对路径,则确定允许操作所述当前文件的访问用户。If there is no absolute path that is the same as the first absolute path in the configuration file, determining an access user who is allowed to operate the current file. 3.如权利要求2所述的方法,还包括步骤:3. The method of claim 2, further comprising the step of: 判断所述第一用户是否为允许操作当前文件的访问用户,若是,则打开所述当前文件,若否,则不打开所述当前文件。It is judged whether the first user is an access user who is allowed to operate the current file, if so, the current file is opened, if not, the current file is not opened. 4.如权利要求1至3中任一项所述的方法,在判断所述配置文件中是否存在与所述第一绝对路径相同的绝对路径之前,还包括步骤:4. The method according to any one of claims 1 to 3, before judging whether an absolute path identical to the first absolute path exists in the configuration file, further comprising the steps of: 读取所述配置文件的数据项,并缓存。Read the data items of the configuration file and cache them. 5.如权利要求4所述的方法,其中,所述读取所述配置文件的数据项并缓存的步骤包括:5. The method of claim 4, wherein the step of reading and caching data items of the configuration file comprises: 从起始位置处开始读取所述配置文件的数据项;Start reading the data items of the configuration file from the starting position; 将读取的数据项进行缓存;Cache the read data items; 读取完成后关闭所述配置文件;Close the configuration file after reading is complete; 将所述配置文件还原为读取之前的配置状态。Restore the configuration file to the configuration state it was in before reading. 6.如权利要求5所述的方法,其中,所述判断所述配置文件中是否存在与所述第一绝对路径相同的绝对路径的步骤包括:6. The method of claim 5, wherein the step of judging whether an absolute path identical to the first absolute path exists in the configuration file comprises: 遍历缓存中的每一数据项;Traverse each data item in the cache; 判断当前遍历的数据项中的绝对路径与所述第一绝对路径是否相同。Determine whether the absolute path in the currently traversed data item is the same as the first absolute path. 7.如权利要求1至6中任一项所述的方法,其中,所述配置文件是通过root用户预先配置的。7. The method of any one of claims 1 to 6, wherein the configuration file is preconfigured by a root user. 8.如权利要求1至7中任一项所述的方法,其中,所述配置文件中任一数据项为键值对形式,所述键值对的键为文件的绝对路径,所述键值对的键值为允许操作该文件的用户名。8. The method according to any one of claims 1 to 7, wherein any data item in the configuration file is in the form of a key-value pair, and the key of the key-value pair is the absolute path of the file, and the key The key value of the value pair is the username that is allowed to operate the file. 9.一种计算设备,包括:9. A computing device comprising: 至少一个处理器;以及at least one processor; and 存储器,存储有程序指令,其中,所述程序指令被配置为适于由所述至少一个处理器执行,所述程序指令包括用于执行如权利要求1至8中任一项所述的方法的指令。a memory storing program instructions, wherein the program instructions are configured to be adapted for execution by the at least one processor, the program instructions comprising means for performing the method of any one of claims 1 to 8 instruction. 10.一种存储有程序指令的可读存储介质,当所述程序指令被计算设备读取并执行时,使得所述计算设备执行如权利要求1至8中任一项所述的方法。10. A readable storage medium storing program instructions which, when read and executed by a computing device, cause the computing device to perform the method of any one of claims 1 to 8.
CN202111459427.4A 2021-12-02 2021-12-02 A file opening method, computing device and storage medium Pending CN114153801A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111459427.4A CN114153801A (en) 2021-12-02 2021-12-02 A file opening method, computing device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111459427.4A CN114153801A (en) 2021-12-02 2021-12-02 A file opening method, computing device and storage medium

Publications (1)

Publication Number Publication Date
CN114153801A true CN114153801A (en) 2022-03-08

Family

ID=80455731

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111459427.4A Pending CN114153801A (en) 2021-12-02 2021-12-02 A file opening method, computing device and storage medium

Country Status (1)

Country Link
CN (1) CN114153801A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101847196A (en) * 2009-03-24 2010-09-29 上海任登信息科技有限公司 Method for strengthening authority control of document in Linux system
CN108614976A (en) * 2018-04-28 2018-10-02 苏州科达科技股份有限公司 Authority configuring method, device and storage medium
CN108833369A (en) * 2018-05-28 2018-11-16 郑州云海信息技术有限公司 Method, device and equipment for accessing file system
KR20190054763A (en) * 2017-11-14 2019-05-22 (주)피스페이스 File leakage prevention based on security file system and commonly used file access interface
CN112181480A (en) * 2020-09-29 2021-01-05 北京达佳互联信息技术有限公司 Authority management method and device of version management system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101847196A (en) * 2009-03-24 2010-09-29 上海任登信息科技有限公司 Method for strengthening authority control of document in Linux system
KR20190054763A (en) * 2017-11-14 2019-05-22 (주)피스페이스 File leakage prevention based on security file system and commonly used file access interface
CN108614976A (en) * 2018-04-28 2018-10-02 苏州科达科技股份有限公司 Authority configuring method, device and storage medium
CN108833369A (en) * 2018-05-28 2018-11-16 郑州云海信息技术有限公司 Method, device and equipment for accessing file system
CN112181480A (en) * 2020-09-29 2021-01-05 北京达佳互联信息技术有限公司 Authority management method and device of version management system

Similar Documents

Publication Publication Date Title
US10785228B2 (en) On-demand security policy activation
US10754976B2 (en) Configuring image as private within storage container
US10592470B2 (en) Discovery of calling application for control of file hydration behavior
US8024770B2 (en) Techniques for managing security contexts
CN114461404B (en) Process migration method, computing device and readable storage medium
US12468814B2 (en) Firmware policy enforcement via a security processor
US20210312271A1 (en) Edge ai accelerator service
US10205732B2 (en) Method, apparatus, system, and non-transitory medium for protecting a file
CN112989427B (en) File protection method, computing device and storage medium
CN112017330A (en) Smart lock parameter configuration method, device, smart lock and storage medium
US10255174B2 (en) Common cache pool for applications
CN114153801A (en) A file opening method, computing device and storage medium
CN111447178A (en) Access control method, system and computing device
US20250005133A1 (en) Use of image signing in endpoint device operation management
CN113254917B (en) A recording rights management method, computing device and storage medium
CN114510706A (en) Permission control method and device based on physical interface and computing equipment
CN111737690B (en) Method and device for preventing malicious software from carrying out sensitive operation on data
CN114880722B (en) Device mounting method, computing device and readable storage medium
CN114546774A (en) Computer interface monitoring method, computing equipment and storage medium
CN119415470B (en) Dual-band attribute adjustment method, system, terminal and readable storage medium
US12494925B2 (en) Self-attesting secure blueprints
US12452032B2 (en) Managing access to sensitive information
US12463826B2 (en) Multi-component blueprint digital signatures
US20250133086A1 (en) Securing blueprints for implementation in edge devices
US20250007726A1 (en) Key possession based verification in endpoint devices

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination