CN114329540A - File distribution processing method and device, storage medium and terminal - Google Patents
File distribution processing method and device, storage medium and terminal Download PDFInfo
- Publication number
- CN114329540A CN114329540A CN202111602442.XA CN202111602442A CN114329540A CN 114329540 A CN114329540 A CN 114329540A CN 202111602442 A CN202111602442 A CN 202111602442A CN 114329540 A CN114329540 A CN 114329540A
- Authority
- CN
- China
- Prior art keywords
- file
- target
- distribution
- service process
- distribution task
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a processing method and device for file distribution, a storage medium and a terminal, relates to the technical field of network security, and mainly aims to solve the problem of low file distribution efficiency in the prior art. The method comprises the following steps: configuring operation content for executing at least one file distribution task in a target system service process, wherein the target system service process is a system process for providing system security service; when a target file distribution task is received, calling a target system service process; and executing the operation content corresponding to the target file distribution task through the target system service process so as to load and run the distribution file of the target file distribution task. The method is mainly used for processing file distribution.
Description
Technical Field
The present invention relates to the field of network security technologies, and in particular, to a method and an apparatus for processing file distribution, a storage medium, and a terminal.
Background
In order to meet the security protection requirements of internet users on terminal equipment, a server side issues files with different functions to each terminal equipment, so that operations such as software installation, configuration item modification, vulnerability repair and the like are performed on the terminal equipment based on the issued files, and the terminal equipment is protected.
At present, the existing file issuing requires that terminal equipment loads on the premise of user login, and meanwhile, distributed files which can be received by different software operation authorities are different, so that the files are protected safely. However, when the unregistered user terminal and the low-authority user terminal cannot perform security protection and further cannot receive the required file, the network security of the terminal device is seriously affected, so that the execution efficiency of the network security task of the terminal device is reduced, and the distribution efficiency of the file is greatly reduced.
Disclosure of Invention
In view of the above, the present invention provides a processing method and apparatus for file distribution, a storage medium, and a terminal, and mainly aims to solve the problem of low file distribution efficiency in the prior art.
According to an aspect of the present invention, there is provided a processing method for file distribution, including:
configuring operation content for executing at least one file distribution task in a target system service process, wherein the target system service process is a system process for providing system security service;
when a target file distribution task is received, calling a target system service process;
and executing the operation content corresponding to the target file distribution task through the target system service process so as to load and run the distribution file of the target file distribution task.
Further, the configuring the operation content for executing at least one file distribution task to the target system service process includes:
acquiring distribution operation contents with different distribution attributes, splitting the distribution operation contents to obtain operation contents corresponding to the execution of at least one file distribution task and operation contents corresponding to the execution of at least one software distribution task after splitting, wherein the distribution attributes comprise file distribution and software distribution;
storing the operation content corresponding to the execution file distribution task in a system file with independent attribute, and configuring the system file in the target system service process;
and storing the operation content corresponding to the execution of the software distribution task in an original file corresponding to the distribution operation content.
Further, the storing the operation content corresponding to the execution file distribution task in the system file with independent attributes includes:
acquiring software operation permission corresponding to a file distribution task, wherein the software operation permission comprises standard user permission, management account permission, system permission and safety service permission;
and if the software operation authority is matched with the preset operation authority, storing the operation content of the file distribution task executed corresponding to the software operation authority in a system file with independent attribute.
Further, the invoking the target system service process comprises:
if the user state is detected to be not logged in, calling the target system service process; and/or the presence of a gas in the gas,
if the detected software operation authority is matched with the preset operation authority, calling the target system service process;
the executing the operation content corresponding to the target file distribution task through the target system service process comprises:
extracting the system file from the target system service process;
and determining the operation content of executing the target file distribution task in the system file, and executing the operation content in the target system service process to load and run the target distribution file of the target file distribution task.
Further, the determining the operation content of executing the target file distribution task in the system file, and executing the operation content in the target system service process to load and run the target distribution file of the target file distribution task includes:
acquiring the running program version, the running environment and the running safety feature of the target distribution file;
extracting sub-operation contents corresponding to the execution of the target file distribution task from the system file according to the running program version, the running environment and the running safety feature, wherein the system file stores operation contents comprising a plurality of sub-operation contents;
and loading and running the target distribution file of the target file distribution task based on the sub-operation content in the target system service process.
Further, after the target system service process executes the operation content corresponding to the target file distribution task, the method further includes:
detecting whether the configuration file information and/or registry information corresponding to the execution of the target file distribution task is matched with a preset file execution condition;
and if the configuration file information and/or the registry information match the preset file execution conditions, sending a file task distribution result to the server to indicate that the file distribution task for distributing the file is completed.
Further, after the target system service process executes the operation content corresponding to the target file distribution task, the method further includes:
detecting whether a loaded and operated target distribution file is matched with a system safe operation requirement, wherein the system safe operation requirement comprises at least one of system file execution safety content, operation behavior execution safety content and storage space operation safety content;
if the loaded and operated target distribution file is not matched with the system safe operation requirement, a file distribution task request is sent to a server, and the file distribution task request carries the system safe operation requirement, so that the server determines to distribute the file based on the system safe operation requirement.
According to another aspect of the present invention, there is provided a file distribution processing apparatus, including:
the system comprises a configuration module, a file distribution module and a file management module, wherein the configuration module is used for configuring operation contents for executing at least one file distribution task in a target system service process, and the target system service process is a system process for providing system security service;
the calling module is used for calling the target system service process when receiving a target file distribution task;
and the execution module is used for executing the operation content corresponding to the target file distribution task through the target system service process so as to load the distribution file for running the target file distribution task.
Further, the configuration module includes:
the device comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring distribution operation contents with different distribution attributes, splitting the distribution operation contents to obtain operation contents corresponding to at least one file distribution task and operation contents corresponding to at least one software distribution task, which are executed after splitting, and the distribution attributes comprise file distribution and software distribution;
the first storage unit is used for storing the operation content corresponding to the execution file distribution task in a system file with independent attribute and configuring the system file in the target system service process;
and the second storage unit is used for storing the operation content corresponding to the execution of the software distribution task in an original file corresponding to the distribution operation content.
Further, the first storage unit includes:
the acquisition subunit is used for acquiring software operation permissions corresponding to the file distribution task, wherein the software operation permissions comprise standard user permissions, management account permissions, system permissions and safety service permissions;
and the storage subunit is used for storing the operation content of the file distribution task executed corresponding to the software operation permission into the system file with independent attribute if the software operation permission is matched with the preset operation permission.
Further, the invoking module is specifically configured to invoke the target system service process if it is detected that the user state is not logged in; and/or, if the detected software operation authority is matched with the preset operation authority, calling the target system service process;
the execution module comprises:
the extracting unit is used for extracting the system file from the target system service process;
and the execution unit is used for determining the operation content of the system file for executing the target file distribution task, and executing the operation content in the target system service process to load and run the target distribution file of the target file distribution task.
Further, the execution unit is specifically configured to obtain an operating program version, an operating environment, and an operating security feature of the target distribution file; extracting sub-operation contents corresponding to the execution of the target file distribution task from the system file according to the running program version, the running environment and the running safety feature, wherein the system file stores operation contents comprising a plurality of sub-operation contents; and loading and running the target distribution file of the target file distribution task based on the sub-operation content in the target system service process.
Further, the apparatus further comprises:
the detection module is used for detecting whether the configuration file information and/or the registry information corresponding to the execution of the target file distribution task is matched with a preset file execution condition or not;
and the sending module is used for sending a file task distribution result to the server side to indicate that a file distribution task for distributing the file is completed if the configuration file information and/or the registry information match the preset file execution condition.
Further, the detection module is further configured to detect whether a loaded and operated target distribution file matches a system safe operation requirement, where the system safe operation requirement includes at least one of a system file execution safety content, an operation behavior execution safety content, and a storage space operation safety content;
the sending module is further configured to send a file distribution task request to a server if the loaded and operated target distribution file is not matched with the system safe operation requirement, where the file distribution task request carries the system safe operation requirement, so that the server determines to distribute the file based on the system safe operation requirement.
According to still another aspect of the present invention, a storage medium is provided, and the storage medium stores at least one executable instruction, which causes a processor to execute operations corresponding to the processing method of file distribution as described above.
According to still another aspect of the present invention, there is provided a terminal including: the system comprises a processor, a memory, a communication interface and a communication bus, wherein the processor, the memory and the communication interface complete mutual communication through the communication bus;
the memory is used for storing at least one executable instruction, and the executable instruction enables the processor to execute the operation corresponding to the file distribution processing method.
By the technical scheme, the technical scheme provided by the embodiment of the invention at least has the following advantages:
compared with the prior art, the embodiment of the invention configures the operation content for executing at least one file distribution task in the service process of the target system, wherein the service process of the target system is a system process for providing system security service; when a target file distribution task is received, calling a target system service process; and executing the operation content corresponding to the target file distribution task through the target system service process so as to load and run the distribution file of the target file distribution task, thereby realizing effective distribution of the file under different user permissions and user states, meeting the file distribution requirement under system security service, and further improving the file distribution efficiency of the terminal aiming at the network security task.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
fig. 1 is a flowchart illustrating a processing method for file distribution according to an embodiment of the present invention;
FIG. 2 is a flow chart of another file distribution processing method provided by the embodiment of the invention;
FIG. 3 is a schematic diagram illustrating a file distribution task execution flow according to an embodiment of the present invention;
FIG. 4 is a flowchart illustrating a processing method for file distribution according to another embodiment of the present invention;
FIG. 5 is a flowchart illustrating a processing method for file distribution according to another embodiment of the present invention;
FIG. 6 is a flow chart of a processing method for file distribution according to an embodiment of the present invention;
FIG. 7 is a block diagram illustrating a processing apparatus for distributing files according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
The method aims at file issuing and requires that terminal equipment is loaded on the premise of user login, and meanwhile, distribution files which can be received by different user authorities are different, so that the files are protected safely. However, when the unregistered user terminal and the low-authority user terminal cannot perform security protection and further cannot receive the required file, the network security of the terminal device is seriously affected, so that the execution efficiency of the network security task of the terminal device is reduced, and the distribution efficiency of the file is greatly reduced. An embodiment of the present invention provides a processing method for file distribution, as shown in fig. 1, the method includes:
101. and configuring the operation content for executing at least one file distribution task in a target system service process.
In the embodiment of the present invention, the current execution end is used as a terminal for receiving the server and sending the distribution file to load and install, including but not limited to terminal devices such as a computer and a mobile communication device, and correspondingly, before executing the file distribution task, the current execution end configures the operation content for executing the file distribution task in the service process of the target system. The file distribution task is a task for loading a distribution file sent by a current execution terminal to a server, and at this time, the operation content is a specific program or code for loading and running the distribution file corresponding to the execution of the file distribution task, and the specific program or code can be stored in a system module in the form of a system file. In addition, the target system service process is a system process for providing system security service, specifically, the system security service is a service for performing security protection on the computer system, including but not limited to service contents such as virus protection, exception checking and killing, system repair, and the like, and the target system service process for providing system security service can perform security protection on a distribution file of any file distribution task, so that whether a user logs in or has a corresponding right does not need to be verified. The system security service may be obtained by loading and installing a terminal security management application in a current execution end, where the terminal security management application separately generates a target system service process in a system layer during execution to serve as the system process providing the system security service, for example, the terminal loads and installs an engine client on the current terminal, and at this time, the engine client provides the engine service process for the system layer to serve as the target system service process, and configures operation contents of a file distribution task in the engine service process.
It should be noted that, since the distribution files corresponding to the file distribution tasks are different, and the corresponding operation contents may be different, when the operation contents are configured in the target system service process, the operation contents of each file distribution task are respectively configured in the target system service process, so that when different file distribution tasks are received, the corresponding operation contents are executed, which is not specifically limited in the embodiment of the present invention.
102. And when a target file distribution task is received, calling the target system service process.
In the embodiment of the invention, when the current execution end receives the target file distribution task issued by the server end, the target system service process is directly called, and at the moment, because the target system service process provides system safety service, the loading operation of the distribution file can be carried out through the system safety service no matter whether the user state of the current execution end is a login state or not and no matter which level the software operation authority of the current execution end is, so that the efficiency and the safety of the distribution file are ensured.
103. And executing the operation content corresponding to the target file distribution task through the target system service process.
In the embodiment of the invention, after the current target system service program arrives, the operation content corresponding to the target file distribution task is executed based on the target system service program so as to load and operate the distribution file of the target file distribution task, thereby realizing the loading and operation of the distribution file under the condition of no login or different software operation levels and greatly increasing the file distribution efficiency.
In another embodiment of the present invention, for further definition and explanation, as shown in fig. 2, the step 101 of configuring the operation content of performing at least one file distribution task in the target system service process includes:
201. acquiring distribution operation contents with different distribution attributes, splitting the distribution operation contents to obtain operation contents corresponding to the execution of at least one file distribution task and operation contents corresponding to the execution of at least one software distribution task after splitting;
202. storing the operation content corresponding to the execution file distribution task in a system file with independent attribute, and configuring the system file in the target system service process;
203. and storing the operation content corresponding to the execution of the software distribution task in an original file corresponding to the distribution operation content.
In the embodiment of the invention, in order to meet the requirement on the effectiveness of file distribution, distribution operation contents with different distribution attributes are obtained, so that the operation contents corresponding to a file distribution task are split to be configured in a target system service process. The distribution attribute comprises file distribution and software distribution, so that distribution operation content of a specific program or code which can be loaded and run is split, and operation content corresponding to the file distribution task and operation content corresponding to the software distribution task are obtained. Specifically, in the embodiment of the present invention, after distributing operation content to a system module with a distribution function according to file distribution and software distribution, operation content corresponding to executing a file distribution task is stored in a system file with an independent attribute, at this time, the system file with the independent attribute is a system file in which operation content is separately stored in an independent module according to the file distribution function, such as an EntSoftware DistSvc.
In addition, in the embodiment of the present invention, for the operation content corresponding to the execution of the software distribution task, because the software distribution task has a relatively high pertinence, after the operation content corresponding to the software distribution task is obtained by splitting, the operation content is still stored in the original file corresponding to the distribution operation content, so that the software distribution task is still executed by depending on the login or the authority of the user.
It should be noted that, as shown in fig. 3, after splitting the distribution operation content to obtain an operation content corresponding to the file distribution task and an operation content corresponding to the software distribution task, the operation contents are stored respectively, for example, the operation content corresponding to the file distribution task is cached in a system file filedisttask.
In another embodiment of the present invention, for further limitation and description, as shown in fig. 4, the step 202 of storing the operation content corresponding to the execution of the file distribution task in a system file with independent attributes includes:
2021. acquiring software operation permission corresponding to the execution of a file distribution task;
2022. and if the software operation authority is matched with the preset operation authority, storing the operation content of the file distribution task executed corresponding to the software operation authority in a system file with independent attribute.
Specifically, for the purpose of implementing the privilege escalation of the software operation privilege, since the file distribution can be directly executed in the configured target system service process, and the operation content is stored in the system file with the independent attribute, when the operation content is stored in the system file, the operation content can be specifically judged according to the software operation privilege and the preset operation privilege, so as to determine that the operation content corresponding to the software operation privilege is stored in the system file with the independent attribute. In the embodiment of the invention, the standard user authority is lower than the management account authority, the management account authority is lower than the system authority, the system authority is lower than the security service authority TrustInsteller, at the moment, the standard user authority is the authority for standard or basic operation, the management account authority is the authority for management operation of various applications, the system authority is the authority for system layer operation, and the full service authority TrustInsteller is the authority for system updating and patch updating. In order to achieve the purpose of carrying out software operation permission lifting on the distributed files, the preset operation permission of the permission lifting is determined in advance, so that the operation content of the software operation permission corresponding to the execution of the file distribution task is stored in the system files with independent attributes. For example, the preset operation authority is standard user authority, management account authority and system authority, at this time, if the software operation authority corresponding to the current execution end executing the file distribution task is management account authority, the operation content of the execution file distribution task corresponding to the management account authority is directly stored in the system file with independent attribute, so that the execution file distribution task is directly called after the system file configuration and the target system service process, and the low-level authority can perform high-level authority distributed file software operation.
In another embodiment of the present invention, for further definition and explanation, the step 102 of invoking the target system service process comprises: if the user state is detected to be not logged in, calling the target system service process; and/or if the detected software operation permission is matched with the preset operation permission, calling the target system service process.
After the configuration of the target system service process is completed, in an implementation scene, after the current execution end receives a target file distribution task sent by the service end, whether the user state is login and/or whether the software operation authority matches the preset operation authority is detected, so that whether the target service process is called is determined. When the user state is not logged in, directly calling the target system service process, or when the user state is logged in, the software operation authority is matched with the preset operation authority, and if the user state is the management account authority, the target system service process is called.
Correspondingly, for further limitation and explanation, the step 103 of executing the operation content corresponding to the target file distribution task by the target system service process includes: extracting the system file from the target system service process; and determining the operation content of executing the target file distribution task in the system file, and executing the operation content in the target system service process to load and run the target distribution file of the target file distribution task.
Specifically, since the operation content is a specific program or code for loading and running the distribution file corresponding to the execution of the file distribution task, after the target system service process is determined to be invoked, the target system service process collects and extracts the system file, and determines the operation content for executing the target file distribution task, so that the operation content is executed in the target system service process to load and run the target distribution file of the target file distribution task, that is, the distribution file is loaded and run.
It should be noted that, since the user state or the software operation permission has been determined, so as to invoke the target system service process, correspondingly, in the embodiment of the present invention, the loading and the operation of the distribution file can be directly performed, so that the file distribution task can be realized regardless of whether the file is logged in under the corresponding software operation permission.
In another embodiment of the present invention, for further limitation and description, the step of determining an operation content of the system file for executing the target file distribution task, and executing the operation content in the target system service process to load and run the target distribution file of the target file distribution task includes: acquiring the running program version, the running environment and the running safety feature of the target distribution file; extracting sub-operation content corresponding to the execution of the target file distribution task from the system file according to the running program version, the running environment and the running safety feature; and loading and running the target distribution file of the target file distribution task based on the sub-operation content in the target system service process.
In order to realize accurate operation of the operation content in the service process of the target system, specifically, an operation program version, an operation environment and operation safety features of the target distribution file are obtained, so that sub-operation content in the operation content is extracted. The system file stores operation contents containing a plurality of sub-operation contents, and different operation program versions, operation environments and operation safety features are matched with different sub-operation contents, so that loading and operation of the target distribution file are more accurate and safer. The running program version is a program version loaded and run by different distribution files, different running program versions need different operation contents to be executed, the running environment is a system environment loaded and run by different distribution files, including but not limited to window10, window xp and the like, different running environments need different operation contents to be executed, the running security feature is a feature content of the distribution files for security protection, including but not limited to virus killing, system repair and the like, and different running security features need different operation contents to be executed, and the embodiment of the present invention is not specifically limited.
It should be noted that, because different operation program versions, operation environments, and operation security features require different operation contents to be executed, when splitting the distribution operation content, the operation content corresponding to the file distribution task may be further split into a plurality of matching sub-operation contents according to the operation program versions, the operation environments, and the operation security features, so that the sub-operation content corresponding to the file distribution task is extracted from the system file according to the operation program versions, the operation environments, and the operation security features, and the target distribution file of the target file distribution task is loaded and executed based on the sub-operation contents in the target system service process, thereby greatly improving the efficiency and the security of executing the target distribution file.
In another embodiment of the present invention, for further limitation and explanation, as shown in fig. 5, after the step 103 executes the operation content corresponding to the target file distribution task through the target system service process, the method further includes:
301. detecting whether the configuration file information and/or registry information corresponding to the execution of the target file distribution task is matched with a preset file execution condition;
302. and if the configuration file information and/or the registry information match the preset file execution conditions, sending a file task distribution result to the server to indicate that the file distribution task for distributing the file is completed.
In the embodiment of the present invention, in order to determine whether the target file distribution task is completed or not, and report the completion to the server, so that the server determines accurate distribution and execution of file distribution, as shown in fig. 3, after executing the operation content corresponding to the target file distribution task in the target system service process, it is detected whether the configuration file information and/or the registry information corresponding to the execution of the target file distribution task matches the preset file execution condition, so as to be used as a criterion for determining whether the target file distribution task is completed or not. The configuration file information includes, but is not limited to, a version number, file content, and the like, the registry information includes, but is not limited to, a registry value, a registry key, and the like, the corresponding preset file execution condition is whether predefined configuration file information exists, and whether registry information exists, so that when the configuration file information and/or the registry information matches the preset file execution condition, it is determined that the target file distribution task is completed. When the configuration file information and/or the registry information are matched with preset file execution conditions, a file task distribution result is generated and sent to the server side to indicate the server side to complete the file distribution task while the file distribution task is determined to be completed.
It should be noted that, in the flowchart shown in fig. 3, after receiving a file distribution task, the current execution end obtains operation contents to be executed from each file filedisttask.json, fileinstallonrestart.dat, softwardiststtask.json, and installsoftlistonrestartjt.dat, executes in an invoked target system service process, caches the file distribution task to be loaded and operated in an entsoftwardissvc.ext file, and caches the software distribution task to be loaded and operated in an entsoftwaredistrct.ext file, so that the target system service process is started to load and operate the file distribution task under the condition that user permissions or software operation permissions are matched. And finally caching the loaded and operated data into EntSoftware DistSvc.ext or EntSoftware Dist.ext so as to extract the configuration file information and/or the registry information corresponding to the target file distribution task when the step of detecting whether the configuration file information and/or the registry information corresponding to the target file distribution task is matched with the preset file execution condition is executed.
In another embodiment of the present invention, for further limitation and explanation, as shown in fig. 6, after the step 103 executes the operation content corresponding to the target file distribution task through the target system service process, the method further includes:
401. detecting whether the loaded and operated target distribution file is matched with the system safe operation requirement;
402. and if the loaded and operated target distribution file is not matched with the system safe operation requirement, sending a file distribution task request to the server.
In the embodiment of the invention, the distribution file can be a program file which is generated by the server and used for repairing or operating the terminal equipment system, so that the accuracy of the file distribution task is improved, and the condition that the operation of the system is invalid with the operation of the current execution end is avoided in the process of loading and operating the distribution file, therefore, whether the target distribution file which is loaded and operated by completing the execution of the operation content is matched with the safe operation requirement of the system is detected, and whether the file distribution task request is sent to the server again is determined. Wherein, the system safe operation requirement comprises at least one item of system file execution safe content, operation behavior execution safe content and storage space operation safe content, the system file execution safe content is used for representing the specific system file content required in the process of executing the safety protection service, the operation behavior execution safe content is used for representing the specific operation behavior content required in the process of executing the safety protection service, the storage space operation safe content is used for representing the specific storage space content required in the process of executing the safety protection service, and further, when the matching target distribution file is matched with the system safe operation requirement, whether at least one item of the system file execution safe content, the operation behavior execution safe content and the storage space operation safe content is matched with the content loaded and executed by the target distribution file is judged in turn, if so, the target distribution file cannot meet the requirement of system safety protection in the current execution end, and then the file distribution task request can be sent to the server again, at this time, the file distribution task request carries the system safety operation requirement, so that the server determines to distribute the file based on the system safety operation requirement.
Compared with the prior art, the embodiment of the invention provides a processing method for file distribution, and the method comprises the steps of configuring operation contents for executing at least one file distribution task in a target system service process, wherein the target system service process is a system process for providing system security service; when a target file distribution task is received, calling a target system service process; and executing the operation content corresponding to the target file distribution task through the target system service process so as to load and run the distribution file of the target file distribution task, thereby realizing effective distribution of the file under different user permissions and user states, meeting the file distribution requirement under system security service, and further improving the file distribution efficiency of the terminal aiming at the network security task.
Further, as an implementation of the method shown in fig. 1, an embodiment of the present invention provides a processing apparatus for file distribution, as shown in fig. 7, the apparatus includes:
a configuration module 51, configured to configure operation content for executing at least one file distribution task in a target system service process, where the target system service process is a system process providing system security service;
the invoking module 52 is configured to invoke the target system service process when receiving a target file distribution task;
the executing module 53 is configured to execute, by the target system service process, the operation content corresponding to the target file distribution task, so as to load a distribution file for running the target file distribution task.
Further, the configuration module includes:
the device comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring distribution operation contents with different distribution attributes, splitting the distribution operation contents to obtain operation contents corresponding to at least one file distribution task and operation contents corresponding to at least one software distribution task, which are executed after splitting, and the distribution attributes comprise file distribution and software distribution;
the first storage unit is used for storing the operation content corresponding to the execution file distribution task in a system file with independent attribute and configuring the system file in the target system service process;
and the second storage unit is used for storing the operation content corresponding to the execution of the software distribution task in an original file corresponding to the distribution operation content.
Further, the first storage unit includes:
the acquisition subunit is used for acquiring software operation permissions corresponding to the file distribution task, wherein the software operation permissions comprise standard user permissions, management account permissions, system permissions and safety service permissions;
and the storage subunit is used for storing the operation content of the file distribution task executed corresponding to the software operation permission into the system file with independent attribute if the software operation permission is matched with the preset operation permission.
Further, the invoking module is specifically configured to invoke the target system service process if it is detected that the user state is not logged in; and/or, if the detected software operation authority is matched with the preset operation authority, calling the target system service process;
the execution module comprises:
the extracting unit is used for extracting the system file from the target system service process;
and the execution unit is used for determining the operation content of the system file for executing the target file distribution task, and executing the operation content in the target system service process to load and run the target distribution file of the target file distribution task.
Further, the execution unit is specifically configured to obtain an operating program version, an operating environment, and an operating security feature of the target distribution file; extracting sub-operation contents corresponding to the execution of the target file distribution task from the system file according to the running program version, the running environment and the running safety feature, wherein the system file stores operation contents comprising a plurality of sub-operation contents; and loading and running the target distribution file of the target file distribution task based on the sub-operation content in the target system service process.
Further, the apparatus further comprises:
the detection module is used for detecting whether the configuration file information and/or the registry information corresponding to the execution of the target file distribution task is matched with a preset file execution condition or not;
and the sending module is used for sending a file task distribution result to the server side to indicate that a file distribution task for distributing the file is completed if the configuration file information and/or the registry information match the preset file execution condition.
Further, the detection module is further configured to detect whether a loaded and operated target distribution file matches a system safe operation requirement, where the system safe operation requirement includes at least one of a system file execution safety content, an operation behavior execution safety content, and a storage space operation safety content;
the sending module is further configured to send a file distribution task request to a server if the loaded and operated target distribution file is not matched with the system safe operation requirement, where the file distribution task request carries the system safe operation requirement, so that the server determines to distribute the file based on the system safe operation requirement.
Compared with the prior art, the embodiment of the invention provides a processing device for file distribution, and the operation content for executing at least one file distribution task is configured in a target system service process, wherein the target system service process is a system process for providing system security service; when a target file distribution task is received, calling a target system service process; and executing the operation content corresponding to the target file distribution task through the target system service process so as to load and run the distribution file of the target file distribution task, thereby realizing effective distribution of the file under different user permissions and user states, meeting the file distribution requirement under system security service, and further improving the file distribution efficiency of the terminal aiming at the network security task.
According to an embodiment of the present invention, a storage medium is provided, where at least one executable instruction is stored, and the computer executable instruction can execute the processing method for file distribution in any of the above method embodiments.
Fig. 8 is a schematic structural diagram of a terminal according to an embodiment of the present invention, and the specific embodiment of the present invention does not limit the specific implementation of the terminal.
As shown in fig. 8, the terminal may include: a processor (processor)602, a communication Interface 604, a memory 606, and a communication bus 608.
Wherein: the processor 602, communication interface 604, and memory 606 communicate with one another via a communication bus 608.
A communication interface 604 for communicating with network elements of other devices, such as clients or other servers.
The processor 602 is configured to execute the program 610, and may specifically perform relevant steps in the foregoing file distribution processing method embodiment.
In particular, program 610 may include program code comprising computer operating instructions.
The processor 602 may be a central processing unit CPU or an application Specific Integrated circuit asic or one or more Integrated circuits configured to implement embodiments of the present invention. The terminal comprises one or more processors, which can be the same type of processor, such as one or more CPUs; or may be different types of processors such as one or more CPUs and one or more ASICs.
And a memory 606 for storing a program 610. Memory 606 may comprise high-speed RAM memory, and may also include non-volatile memory (non-volatile memory), such as at least one disk memory.
The program 610 may specifically be configured to cause the processor 602 to perform the following operations:
configuring operation content for executing at least one file distribution task in a target system service process, wherein the target system service process is a system process for providing system security service;
when a target file distribution task is received, calling a target system service process;
and executing the operation content corresponding to the target file distribution task through the target system service process so as to load and run the distribution file of the target file distribution task.
It will be apparent to those skilled in the art that the modules or steps of the present invention described above may be implemented by a general purpose computing device, they may be centralized on a single computing device or distributed across a network of multiple computing devices, and alternatively, they may be implemented by program code executable by a computing device, such that they may be stored in a storage device and executed by a computing device, and in some cases, the steps shown or described may be performed in an order different than that described herein, or they may be separately fabricated into individual integrated circuit modules, or multiple ones of them may be fabricated into a single integrated circuit module. Thus, the present invention is not limited to any specific combination of hardware and software.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (10)
1. A processing method for file distribution is characterized by comprising the following steps:
configuring operation content for executing at least one file distribution task in a target system service process, wherein the target system service process is a system process for providing system security service;
when a target file distribution task is received, calling a target system service process;
and executing the operation content corresponding to the target file distribution task through the target system service process so as to load and run the distribution file of the target file distribution task.
2. The method of claim 1, wherein the configuring the operational context for performing at least one file distribution task into a target system service process comprises:
acquiring distribution operation contents with different distribution attributes, splitting the distribution operation contents to obtain operation contents corresponding to the execution of at least one file distribution task and operation contents corresponding to the execution of at least one software distribution task after splitting, wherein the distribution attributes comprise file distribution and software distribution;
storing the operation content corresponding to the execution file distribution task in a system file with independent attribute, and configuring the system file in the target system service process;
and storing the operation content corresponding to the execution of the software distribution task in an original file corresponding to the distribution operation content.
3. The method according to claim 2, wherein the storing the operation content corresponding to the execution of the file distribution task in a system file with independent attributes comprises:
acquiring software operation permission corresponding to a file distribution task, wherein the software operation permission comprises standard user permission, management account permission, system permission and safety service permission;
and if the software operation authority is matched with the preset operation authority, storing the operation content of the file distribution task executed corresponding to the software operation authority in a system file with independent attribute.
4. The method of claim 3, wherein invoking the target system service process comprises:
if the user state is detected to be not logged in, calling the target system service process; and/or the presence of a gas in the gas,
if the detected software operation authority is matched with the preset operation authority, calling the target system service process;
the executing the operation content corresponding to the target file distribution task through the target system service process comprises:
extracting the system file from the target system service process;
and determining the operation content of executing the target file distribution task in the system file, and executing the operation content in the target system service process to load and run the target distribution file of the target file distribution task.
5. The method according to claim 4, wherein the determining the operation content of the system file for executing the target file distribution task, and the executing the operation content in the target system service process to load and run the target distribution file of the target file distribution task comprises:
acquiring the running program version, the running environment and the running safety feature of the target distribution file;
extracting sub-operation contents corresponding to the execution of the target file distribution task from the system file according to the running program version, the running environment and the running safety feature, wherein the system file stores operation contents comprising a plurality of sub-operation contents;
and loading and running the target distribution file of the target file distribution task based on the sub-operation content in the target system service process.
6. The method according to claim 1, wherein after the target system service process executes the operation content corresponding to the target file distribution task, the method further comprises:
detecting whether the configuration file information and/or registry information corresponding to the execution of the target file distribution task is matched with a preset file execution condition;
and if the configuration file information and/or the registry information match the preset file execution conditions, sending a file task distribution result to the server to indicate that the file distribution task for distributing the file is completed.
7. The method according to any one of claims 1 to 6, wherein after the executing, by the target system service process, the operation content corresponding to the target file distribution task, the method further comprises:
detecting whether a loaded and operated target distribution file is matched with a system safe operation requirement, wherein the system safe operation requirement comprises at least one of system file execution safety content, operation behavior execution safety content and storage space operation safety content;
if the loaded and operated target distribution file is not matched with the system safe operation requirement, a file distribution task request is sent to a server, and the file distribution task request carries the system safe operation requirement, so that the server determines to distribute the file based on the system safe operation requirement.
8. A processing apparatus for file distribution, comprising:
the system comprises a configuration module, a file distribution module and a file management module, wherein the configuration module is used for configuring operation contents for executing at least one file distribution task in a target system service process, and the target system service process is a system process for providing system security service;
the calling module is used for calling the target system service process when receiving a target file distribution task;
and the execution module is used for executing the operation content corresponding to the target file distribution task through the target system service process so as to load the distribution file for running the target file distribution task.
9. A storage medium having at least one executable instruction stored therein, the executable instruction causing a processor to perform operations corresponding to the processing method for file distribution according to any one of claims 1 to 7.
10. A terminal, comprising: the system comprises a processor, a memory, a communication interface and a communication bus, wherein the processor, the memory and the communication interface complete mutual communication through the communication bus;
the memory is used for storing at least one executable instruction, and the executable instruction causes the processor to execute the operation corresponding to the file distribution processing method of any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111602442.XA CN114329540A (en) | 2021-12-24 | 2021-12-24 | File distribution processing method and device, storage medium and terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111602442.XA CN114329540A (en) | 2021-12-24 | 2021-12-24 | File distribution processing method and device, storage medium and terminal |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114329540A true CN114329540A (en) | 2022-04-12 |
Family
ID=81013409
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111602442.XA Pending CN114329540A (en) | 2021-12-24 | 2021-12-24 | File distribution processing method and device, storage medium and terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114329540A (en) |
-
2021
- 2021-12-24 CN CN202111602442.XA patent/CN114329540A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109766696B (en) | Method and device for setting software permission, storage medium and electronic device | |
| US7430760B2 (en) | Security-related programming interface | |
| CN110851241A (en) | Safety protection method, device and system for Docker container environment | |
| CN100492300C (en) | System and method for executing a process on a microprocessor-enabled device | |
| CN112291258B (en) | Gateway risk control method and device | |
| CN114254304A (en) | Container security intrusion detection method and device, computer equipment and storage medium | |
| CN111431753A (en) | Asset information updating method, device, equipment and storage medium | |
| CN110837644B (en) | System penetration testing method and device and terminal equipment | |
| CN111191226A (en) | Method, device, equipment and storage medium for determining program by using privilege-offering vulnerability | |
| CN107623693B (en) | Domain name resolution protection method, device, system, computing equipment and storage medium | |
| CN107766068B (en) | Application system patch installation method and device, computer equipment and storage medium | |
| CN109785537B (en) | Safety protection method and device for ATM | |
| CN111090442A (en) | Application updating method and device and storage medium | |
| CN110809004A (en) | Safety protection method and device, electronic equipment and storage medium | |
| CN114329540A (en) | File distribution processing method and device, storage medium and terminal | |
| CN115455414A (en) | Safety detection method and device | |
| CN113709136B (en) | Access request verification method and device | |
| CN112597492B (en) | Binary executable file modification monitoring method based on Windows kernel | |
| CN114039778A (en) | Request processing method, device, equipment and readable storage medium | |
| CN114386047A (en) | Application vulnerability detection method and device, electronic equipment and storage medium | |
| CN109558730B (en) | Safety protection method and device for browser | |
| CN114329444A (en) | System safety improving method and device | |
| CN112464225A (en) | Request processing method, request processing device and computer readable storage medium | |
| CN110597557A (en) | System information acquisition method, terminal and medium | |
| CN117762430B (en) | Processing method and device based on application program, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |