Uploaded by Anwar Hossen

5.3 Object permissions and file-based access control

File-Based Access Control:
● Unix treats everything as a file.
● Permissions on files are critical.
● Hierarchical file system structure.
User-Group-Others Model (ugo):
● Assigns privileges based on 3 categories.
● User: file owner's privileges.
● Group: shared access for user groups.
● Others: permissions for all other users.
Figure: Symbolic display of file permissions.
ACL Alternatives:
Advantage:
● Powerful and offers fine-grained precision.
Disadvantages:
● Consumes memory and search time.
● May need frequent updates.
Metadata and File Permissions:
A commonly used data structure for file metadata contains the following
protection-related fields:
1) user: indicating the userid (UID) of the file owner.
2) group: indicating the groupid (GID) of the file.
3) 9 bits: 3 protection bits for each of (user, group, others)
● R (read): the file content may be read.
● W (write): an existing file’s content may be modified.
● X (execute): a binary file may be run.
4) 3 bits: special protection bits setuid, setgid, t-bit.
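The fields listed above, worked through in an added example that is not part of the original slides: it renders the 9 protection bits plus the 3 special bits as the symbolic display and checks a request against exactly one of the user, group and others categories. The function names `symbolic` and `allowed` and the sample records are assumptions made for illustration, and the superuser override is not modelled.

```python
import stat

def symbolic(mode):
    """Render the 12 protection bits as the 9-character rwx display."""
    out = []
    # (read, write, execute, special bit, letter shown for the special bit)
    classes = [
        (stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR, stat.S_ISUID, "s"),
        (stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP, stat.S_ISGID, "s"),
        (stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH, stat.S_ISVTX, "t"),
    ]
    for r, w, x, special, letter in classes:
        out.append("r" if mode & r else "-")
        out.append("w" if mode & w else "-")
        if mode & special:
            # lower case: execute is also set; upper case: special bit alone
            out.append(letter if mode & x else letter.upper())
        else:
            out.append("x" if mode & x else "-")
    return "".join(out)

def allowed(mode, file_uid, file_gid, uid, gids, want):
    """Decide a request ('r', 'w' or 'x') from one ugo category only."""
    bit = {"r": 4, "w": 2, "x": 1}[want]
    if uid == file_uid:
        triple = (mode >> 6) & 7   # user bits apply to the owner
    elif file_gid in gids:
        triple = (mode >> 3) & 7   # group bits apply to group members
    else:
        triple = mode & 7          # others bits apply to everyone else
    return bool(triple & bit)

# Constructed sample metadata records: (name, owner UID, GID, mode)
SAMPLES = [
    ("report.txt", 1000, 50, 0o640),
    ("setuid-tool", 0, 0, 0o4755),
    ("shared-dir", 0, 0, 0o1777),
    ("odd.txt", 1000, 50, 0o047),
]

if __name__ == "__main__":
    for name, uid, gid, mode in SAMPLES:
        print(f"{symbolic(mode)} uid={uid} gid={gid} {name}")
    # The owner of odd.txt is denied read although others are allowed it:
    print(allowed(0o047, 1000, 50, 1000, {50}, "r"))
```

The last line shows that categories are not cumulative: the owner is judged by the user bits alone, so a mode such as 047 locks the owner out while granting everyone else full access.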
Limitations of ugo Model:
● Limited expressiveness.
● Bit-operations on 3 categories only.