[rsbac] ACL FD rights inheritance

Amon Ott ao at rsbac.de
Thu Mar 9 16:57:29 CET 2006


sftf at yandex.ru writes: 

> Example:
> /usr has MOUNT UMOUNT rights for ROLE 999999 and MOUNT UMOUNT mask set.
> Effective rights for /usr/bin (/usr/...): MOUNT UMOUNT - inheritance work. 
> 
> Then I grant READ to ROLE 999999 for /usr/bin.
> Now effective rights for /usr/bin: READ (not MOUNT + UMOUNT + READ) - inheritance don't work.
> It is correct?
> I.e. dir rights don't summarized with parent dir rights?

If you have an ACL entry for a subject, inheritance is not used. 

Amon Ott
RSBAC 



More information about the rsbac mailing list