[rsbac] ACL FD rights inheritance
Amon Ott
ao at rsbac.de
Thu Mar 9 16:57:29 CET 2006
sftf at yandex.ru writes:
> Example:
> /usr has MOUNT UMOUNT rights for ROLE 999999 and MOUNT UMOUNT mask set.
> Effective rights for /usr/bin (/usr/...): MOUNT UMOUNT - inheritance work.
>
> Then I grant READ to ROLE 999999 for /usr/bin.
> Now effective rights for /usr/bin: READ (not MOUNT + UMOUNT + READ) - inheritance don't work.
> It is correct?
> I.e. dir rights don't summarized with parent dir rights?
If you have an ACL entry for a subject, inheritance is not used.
Amon Ott
RSBAC
More information about the rsbac
mailing list