Discretionary Access Control Interfaces
To read the ACL of a file, a process must have read access to the file's
attributes (or possess appropriate privilege). To write (update) the ACL
of a file, the process must have write access to the file's attributes and
be the file owner (or possess appropriate privilege).

The POSIX.6 interfaces that are specified to implement the access control
list mechanism allow a file owner (or a user with appropriate privilege)
to create and manipulate an access control list associated with that file.
The interfaces for manipulating ACLs and ACL entries can be grouped as
follows:
- Get/set/manipulate ACL entries - includes interfaces to create new
entries, copy entries from one ACL to another, and delete entries.
- Get/set/manipulate ACL entry elements - includes interfaces to
add (modify) and delete an ACL entry's permissions or other parts of the
entry.
- Read/write/validate an ACL - includes interfaces that read the
whole ACL (the ACL is copied into allocated working space), write the
whole ACL (writes the ACL back to permanent storage), and validate the
whole ACL (checks for mandatory entries and duplicate entries, and
sorts the ACL).
- Translate an ACL into different formats - includes interfaces that
allow ACLs to be copied from a system-dependent, internal format to a
format that can be copied into user-managed space, or into a structured
text representation.
With these interfaces, portable applications can determine a subject's
access to an object, create new objects and associate an ACL with each
object, manipulate the ACL of an object, and in general use the
access information provided by the ACL in a manner that is consistent
across all POSIX.6-compliant systems (that implement the ACL option).
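
The validation step from the list above (mandatory entries, duplicate entries, sorting), modelled on a working copy as an added example; it is not part of the original page and does not call the POSIX.6 interfaces. The types and `acl_model_valid` are hypothetical, and the concrete rules (exactly one owner, owning-group and other entry; a mask entry when named entries exist; the sort order) are assumptions taken from what Linux `acl_valid(3)` documents for the later POSIX.1e draft.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical model types, not the POSIX.6 or libacl definitions.
   Tags are declared in the sort order this example assumes. */
enum tag { USER_OBJ, USER, GROUP_OBJ, GROUP, MASK, OTHER, NTAGS };
struct entry { enum tag tag; unsigned id; unsigned perms; }; /* id: named USER/GROUP only, else 0 */
enum result { ACL_OK, ACL_MISSING, ACL_DUPLICATE };

static int cmp_entry(const void *a, const void *b) {
    const struct entry *x = a, *y = b;
    if (x->tag != y->tag) return (x->tag > y->tag) - (x->tag < y->tag);
    return (x->id > y->id) - (x->id < y->id);
}

/* Sort the working copy in place, then check for duplicate and missing entries. */
enum result acl_model_valid(struct entry *acl, size_t n) {
    size_t count[NTAGS] = {0};
    qsort(acl, n, sizeof *acl, cmp_entry);
    for (size_t i = 0; i < n; i++) {
        enum tag t = acl[i].tag;
        count[t]++;
        /* Sorting puts two entries for the same named user or group side by side. */
        if ((t == USER || t == GROUP) && i > 0 && cmp_entry(&acl[i - 1], &acl[i]) == 0)
            return ACL_DUPLICATE;
    }
    if (count[USER_OBJ] > 1 || count[GROUP_OBJ] > 1 || count[MASK] > 1 || count[OTHER] > 1)
        return ACL_DUPLICATE;
    if (!count[USER_OBJ] || !count[GROUP_OBJ] || !count[OTHER])
        return ACL_MISSING;               /* mandatory owner, group, other entries */
    if ((count[USER] || count[GROUP]) && !count[MASK])
        return ACL_MISSING;               /* assumed rule: named entries require a mask */
    return ACL_OK;
}

int main(void) {
    /* Constructed sample: owner rwx, named uid 1001 r--, group r-x, mask r-x, other ---. */
    struct entry acl[] = { {OTHER, 0, 0}, {USER, 1001, 4}, {MASK, 0, 5},
                           {GROUP_OBJ, 0, 5}, {USER_OBJ, 0, 7} };
    size_t n = sizeof acl / sizeof acl[0];
    printf("valid: %d\n", acl_model_valid(acl, n) == ACL_OK);
    for (size_t i = 0; i < n; i++)
        printf("tag=%d id=%u perms=%o\n", (int)acl[i].tag, acl[i].id, acl[i].perms);
    return 0;
}
```

Running the check before the write-back step keeps an ACL that lacks a mandatory entry, or that names the same user twice with conflicting permissions, from reaching permanent storage.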
John Barkley
Fri Oct 7 16:17:21 EDT 1994