Discretionary Access Control Interfaces

To read the ACL of a file, a process must have read access to the file's attributes (or possess appropriate privilege). To write (update) the ACL of a file, the process must have write access to the file's attributes and be the file owner (or possess appropriate privilege).

The POSIX.6 interfaces that are specified to implement the access control list mechanism allow a file owner (or a user with appropriate privilege) to create and manipulate an access control list associated with that file. The interfaces for manipulating ACLs and ACL entries can be grouped as follows:

  1. Get/set/manipulate ACL entries - includes interfaces to create new entries, copy entries from one ACL to another, and delete entries.
  2. Get/set/manipulate ACL entry elements - includes interfaces to add (modify) and delete an ACL entry's permissions or other parts of the entry.
  3. Read/write/validate an ACL - includes interfaces that read the whole ACL (the ACL is copied into allocated working space), write the whole ACL (writes the ACL back to permanent storage), and validate the whole ACL (checks for mandatory entries and duplicate entries, as well as sorts the ACL).
  4. Translate an ACL into different formats - includes interfaces that allow ACLs to be copied from a system-dependent, internal format to a format that can be copied into user-managed space, or into a structured text representation.

With these interfaces, portable applications can determine a subject's access to an object, can create new objects and associate an ACL with the object, can manipulate the ACL of an object, and in general use the access information provided by the ACL in a manner that will be consistent across all POSIX.6 compliant systems (that implement the ACL option).
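The validate step in group 3 is the check an application runs on its working copy before writing an ACL back to permanent storage. The sketch below is an added example, not the POSIX.6 interface or code from this document: the types, names and verdict codes are hypothetical, and the mandatory-entry rules are assumed (one owner, one owning-group and one other entry, plus a mask entry once any named user or group entry is present).

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical model of an ACL held in working storage; these names are
 * illustrative and are not the POSIX.6 types. Tags are in sort order. */
enum tag { T_USER_OBJ, T_USER, T_GROUP_OBJ, T_GROUP, T_MASK, T_OTHER, T_COUNT };
struct entry { enum tag tag; unsigned id; unsigned perms; }; /* id: T_USER/T_GROUP only */
enum verdict { V_OK, V_BAD_TAG, V_MISSING_REQUIRED, V_MISSING_MASK, V_DUPLICATE };

static int by_tag_then_id(const void *a, const void *b) {
    const struct entry *x = a, *y = b;
    if (x->tag != y->tag) return (x->tag > y->tag) - (x->tag < y->tag);
    return (x->id > y->id) - (x->id < y->id);
}

/* Sort the ACL in place, then check for duplicate and mandatory entries.
 * Assumed rules: exactly one owner, owning-group and other entry; at most
 * one mask, required once any named user or group entry is present. */
enum verdict validate_acl(struct entry *acl, size_t n) {
    size_t seen[T_COUNT] = {0};
    qsort(acl, n, sizeof *acl, by_tag_then_id);
    for (size_t i = 0; i < n; i++) {
        if ((unsigned)acl[i].tag >= T_COUNT)
            return V_BAD_TAG;                 /* never index seen[] out of range */
        int named = acl[i].tag == T_USER || acl[i].tag == T_GROUP;
        /* Sorting makes duplicate named entries adjacent. */
        if (named && i > 0 && by_tag_then_id(&acl[i - 1], &acl[i]) == 0)
            return V_DUPLICATE;
        if (!named && seen[acl[i].tag] > 0)
            return V_DUPLICATE;
        seen[acl[i].tag]++;
    }
    if (!seen[T_USER_OBJ] || !seen[T_GROUP_OBJ] || !seen[T_OTHER])
        return V_MISSING_REQUIRED;
    if ((seen[T_USER] || seen[T_GROUP]) && !seen[T_MASK])
        return V_MISSING_MASK;
    return V_OK;
}

int main(void) {
    /* Constructed sample: a named user entry with no mask entry. */
    struct entry acl[] = {
        { T_OTHER, 0, 04 }, { T_USER, 1001, 06 },
        { T_GROUP_OBJ, 0, 05 }, { T_USER_OBJ, 0, 07 },
    };
    printf("verdict=%d\n", validate_acl(acl, sizeof acl / sizeof acl[0]));
    return 0;
}
```

A caller that treats any verdict other than `V_OK` as a refusal to write keeps a malformed ACL from ever reaching permanent storage.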

John Barkley
Fri Oct 7 16:17:21 EDT 1994