
Privilege Attribute Entry Types

The privilege attributes of a principal are based on identity and include the principal's name, its group membership(s), and native cell. Note that not all ACL manager types implement all privilege attribute entry types. For example, the ACL manager type of a database object probably would not support the user_obj and group_obj entry types.

Note: The term local cell means the cell specified in the ACL header; this is not necessarily the cell in which the protected object resides.

The descriptions of the ACL entry types that specify privilege attributes are as follows:

· user_obj

The user_obj entry establishes the permissions for the object's user (in the established UNIX sense). An ACL may contain only one entry of this type. The identity of the principal to which this ACL entry refers is assumed to be local and is specified somewhere other than in this entry. In the case of a file, for example, the identity is attached to the file's inode.

· user

The user entry establishes the permissions for the local principal named in this entry. An ACL may contain a number of entries of this type, but each entry must be unique with respect to the principal it specifies.

· foreign_user

The foreign_user entry establishes the permissions for the foreign principal named in this entry. An ACL may contain a number of entries of this type, but each entry must be unique with respect to the foreign principal it specifies. This entry type is exactly like the user entry type, except that this entry explicitly names a cell. (For the entry type user, the principal inherits the cell specified by the default cell identifier in the ACL header.)

· group_obj

The group_obj entry establishes the permissions for the object's "group" (in the established UNIX sense). An ACL may contain only one entry of this type. As is the case with the user_obj entry, the identity of the group is assumed to be local and is specified elsewhere than in the group_obj entry itself.

· group

The group entry establishes the permissions for the local group named in this entry. An ACL may contain a number of entries of this type, but each entry must be unique with respect to the group it specifies.

· foreign_group

The foreign_group entry establishes the permissions for the foreign group named in this entry. An ACL may contain a number of entries of this type, but each entry must be unique with respect to the foreign group it specifies. This entry type is exactly like the group entry type, except that this entry explicitly names a cell. (For the entry type group, the group inherits the cell specified by the default cell identifier in the ACL header.)

· other_obj

The other_obj entry establishes the permissions for local principals whose identities do not correspond to any entry type that explicitly names a principal or group; an ACL may contain only one entry of this type.

· foreign_other

The foreign_other entry establishes the permissions for all principals that are members of a specified foreign cell and whose identities do not correspond to any foreign_user or foreign_group entry. An ACL may contain a number of entries of this type, but each entry must specify a different foreign cell.

· any_other

The any_other entry establishes the permissions for principals whose privilege attributes do not match those specified in any other entry type. An ACL may contain only one entry of this type.

The following additional ACL entry types are supplied for delegated identities:

· user_obj_delegate

· user_delegate

· foreign_user_delegate

· group_obj_delegate

· group_delegate

· foreign_group_delegate

· other_obj_delegate

· foreign_other_delegate

· any_other_delegate

These ACL entry types are described in detail in The Extended Privilege Attribute API, along with the extensions to the ACL checking algorithm for delegation.

ACL entries for privilege attributes consist of three fields in the following form:

entry_type[:key]:permissions

Following are descriptions of the fields:

· The ACL entry_type specifies an ACL entry type as described in the previous list.

· The key field specifies the privilege attribute to which the permissions listed in the entry apply. The key field for the ACL entry types user, group, foreign_user, foreign_group, and foreign_other explicitly names a principal, group, or cell. For the entry types foreign_user, foreign_group, and foreign_other, the key field must contain a global DCE pathname in one of the forms /.../cellname/principalname, /.../cellname/groupname, or /.../cellname, respectively. The entry types user_obj, group_obj, other_obj, and any_other do not use the key field.

· The permissions field lists the permissions that may be granted to the principal possessing the privilege attribute specified in the entry, unless a mask (or masks) further restricts the permissions that may be granted to the principal. As noted previously, the number and meaning of the permissions that may protect an object are defined by the object's ACL manager type. Therefore, the permissions that an ACL entry may specify must be the set, or a subset, of the permissions implemented by the manager type of the ACL in which the entry appears.

A principal is denied access when a user or foreign_user entry that names the principal contains an empty permission set.
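The structural rules above (one entry each for the keyless types, per-type uniqueness for keyed entries, global pathnames for the foreign_* keys, permissions drawn from the manager type, and an empty permission set as an explicit denial) can be checked mechanically. The following is an added example written for this page, not DCE's own ACL code; it assumes the ACL header's default cell is supplied as a string, that the manager type's permission letters are supplied as a string, that a '-' in a permission string is a filler meaning "not granted", and that lines beginning with '#' are comments. The cell names, principal names and permission letters in the sample ACL are constructed.

```python
"""Parse and validate DCE-style ACL entries of the form entry_type[:key]:permissions."""
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Optional, Set

KEYLESS_SINGLETON = {"user_obj", "group_obj", "other_obj", "any_other"}   # at most one each
LOCAL_KEYED = {"user", "group"}           # key is a name in the ACL header's default cell
# Key is a global pathname; the value says whether a principal/group name must follow the cell.
FOREIGN_KEYED = {"foreign_user": True, "foreign_group": True, "foreign_other": False}


class AclError(ValueError):
    """An entry that violates the structural rules for its entry type."""


@dataclass(frozen=True)
class AclEntry:
    entry_type: str
    key: Optional[str]        # normalised to /.../cell[/name]; None for keyless types
    perms: FrozenSet[str]     # empty set = access explicitly denied


def _check_global_name(key: str, wants_name: bool) -> str:
    """Require /.../cellname (foreign_other) or /.../cellname/name (foreign_user, foreign_group)."""
    if not key.startswith("/.../"):
        raise AclError(f"foreign key must be a global pathname starting with /.../: {key!r}")
    cell, _, name = key[len("/.../"):].partition("/")
    if not cell or (wants_name and not name) or (not wants_name and name):
        raise AclError(f"malformed global name for this entry type: {key!r}")
    return key


def parse_entry(text: str, default_cell: str, manager_perms: str) -> AclEntry:
    """Parse one entry; '-' in the permission string is taken as a filler (assumption)."""
    fields = text.strip().split(":")
    etype = fields[0]
    if etype in KEYLESS_SINGLETON:
        if len(fields) != 2:
            raise AclError(f"{etype} takes no key: {text!r}")
        key, perm_str = None, fields[1]
    elif etype in LOCAL_KEYED:
        if len(fields) != 3 or not fields[1] or fields[1].startswith("/.../"):
            raise AclError(f"{etype} needs an unqualified local name: {text!r}")
        key, perm_str = f"/.../{default_cell}/{fields[1]}", fields[2]   # inherit header cell
    elif etype in FOREIGN_KEYED:
        if len(fields) != 3:
            raise AclError(f"{etype} needs a global key: {text!r}")
        key, perm_str = _check_global_name(fields[1], FOREIGN_KEYED[etype]), fields[2]
    else:
        raise AclError(f"unknown entry type: {etype!r}")
    perms = set(perm_str) - {"-"}
    undefined = perms - set(manager_perms)
    if undefined:
        raise AclError(f"permissions {sorted(undefined)} not defined by the manager type")
    return AclEntry(etype, key, frozenset(perms))


def parse_acl(lines: List[str], default_cell: str, manager_perms: str) -> List[AclEntry]:
    """Parse a whole ACL, enforcing per-type uniqueness (one keyless entry of each type;
    one keyed entry per principal, per group, or, for foreign_other, per foreign cell)."""
    entries: List[AclEntry] = []
    seen: Dict[str, Set[Optional[str]]] = {}
    for line in lines:
        if not line.strip() or line.lstrip().startswith("#"):   # blank or comment (assumption)
            continue
        entry = parse_entry(line, default_cell, manager_perms)
        bucket = seen.setdefault(entry.entry_type, set())
        if entry.key in bucket:
            raise AclError(f"duplicate {entry.entry_type} entry for {entry.key!r}")
        bucket.add(entry.key)
        entries.append(entry)
    return entries


def check_acl(lines: List[str], default_cell: str, manager_perms: str) -> Optional[str]:
    """Return None for a well-formed ACL, otherwise the first violation found."""
    try:
        parse_acl(lines, default_cell, manager_perms)
    except AclError as exc:
        return str(exc)
    return None


def explicit_denials(entries: List[AclEntry]) -> List[str]:
    """Principals denied outright: a user/foreign_user entry with an empty permission set."""
    return [e.key for e in entries if e.entry_type in ("user", "foreign_user") and not e.perms]


# Constructed sample: the ACL header names the (assumed) cell hq.example.com and the
# manager type defines the (assumed) permission letters r, w, x, c, i, d.
MANAGER_PERMS = "rwxcid"
DEFAULT_CELL = "hq.example.com"
SAMPLE_ACL = [
    "user_obj:rwxcid",
    "group_obj:r-x",
    "user:alice:rw",
    "user:mallory:",                                    # empty set: explicitly denied
    "foreign_user:/.../sales.example.com/bob:r",
    "foreign_group:/.../sales.example.com/auditors:r",
    "foreign_other:/.../sales.example.com:r",
    "other_obj:r",
    "any_other:",
]

if __name__ == "__main__":
    acl = parse_acl(SAMPLE_ACL, DEFAULT_CELL, MANAGER_PERMS)
    for e in acl:
        print(f"{e.entry_type:14} {e.key or '':40} {''.join(sorted(e.perms)) or '(none)'}")
    print("explicitly denied:", explicit_denials(acl))
```

Normalising local keys to /.../cellname/name at parse time is what lets a user entry and a foreign_user entry be compared by the principal they actually name, which matters when the foreign_user key happens to name the header's own cell. Note that this validates the entries only; it does not perform the ACL checking algorithm, the group handling, or the mask application, which the text defers to other sections.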