From: ao@morpork.shnet.org (A. Ott)
Subject: RC separation of duty
Date: 29 Oct 1999 11:55:00 +0200
Next Article (by Author): Re: RC separation of duty ao@morpork.shnet.org (A. Ott)
Previous Article (by Author): Re: patch-2.2.13 ao@morpork.shnet.org (A. Ott)
Next in Thread: Re: RC separation of duty "Paul D. Robertson"
Articles sorted by: [Date]
[Author]
[Subject]
Hi all!
I am currently working on a separation of duty system for RC
administration, since I also think it necessary.
We already had:
- old admin_type: Role Admin (may read and set everything) and System
Admin (may read everything). This is kept, works as before and keeps
things simple for beginners.
Now we also have:
- New role vector admin_roles:
Which roles a user in this role may administrate. Several role settings
are further restricted by other rights, e.g. role_comp and type_comp_xx.
- New role vector assign_roles:
Which roles a user in this role may read and assign to users and
processes (process only, if MODIFY_ATTRIBUTE is allowed), and which
compatible roles she may assign to those roles (if assign_roles contains
all roles involved).
Further restriction: the old user/process role must also be contained
in your assign_roles vector. This way, a partial role assigner must
always stay within a limited set of roles, and cannot affect users and
processes in other roles.
- These new vectors may only be changed by old style Role Admins. If you
set them at the beginning, and then remove all Role Admins, this
separation is forever fixed (well, unless booting Maint kernel).
- New type access rights:
- ADMIN: Set/delete name, set need_overwrite for FD types
- ASSIGN: Assign this type to objects. Of course you also need
MODIFY_ATTRIBUTE on the target.
- ACCESS_CONTROL: Change normal (old) access rights to this type for
your administrated roles
- SUPERVISOR: Change these new special rights to this type for your
administrated roles.
- If no role has SUPERVISOR right to a type, the separation is forever
fixed (again unless booting Maint kernel)
Old roles and types are automatically updated on the first boot of the new
version. On update, Role Admins simply get everything new fully allowed.
System Admins get assign right for their own role, which means they are
allowed to read their own role settings, but not to change anything.
So you could reboot with new version, reset old admin_type to none for all
roles and thus get your current administration settings fixed.
Comments?
Amon.
--
## CrossPoint v3.11 ##
-
To unsubscribe from the rsbac list, send a mail to
majordomo@morpork.shnet.org with
unsubscribe rsbac
as single line in the body.
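The rules sketched in the post (assign_roles covering both the old and the new role, vectors changeable only by old-style Role Admins, ACCESS_CONTROL versus SUPERVISOR on a type, and the "forever fixed" state once no Role Admin and no SUPERVISOR holder is left) can be checked against a small policy model. The following is an added example written for this page, not RSBAC code; the class and method names, the sample roles (boot_admin, hr_mgr, hr, clerk, finance) and the type name hr_files are constructed for illustration.

```python
"""Toy model of the RC separation-of-duty rules from the post.

Added example, not RSBAC's own code. Role names, type names and the
sample policy are constructed; the rules follow the post's description.
"""
from dataclasses import dataclass, field

ROLE_ADMIN, SYSTEM_ADMIN, NO_ADMIN = "role_admin", "system_admin", "none"
SPECIAL = {"ADMIN", "ASSIGN", "ACCESS_CONTROL", "SUPERVISOR"}  # new type rights


class Denied(Exception):
    """Raised when the model refuses an administrative change."""


@dataclass
class Role:
    name: str
    admin_type: str = NO_ADMIN                      # old admin_type
    admin_roles: set = field(default_factory=set)   # roles whose settings it may change
    assign_roles: set = field(default_factory=set)  # roles it may read and assign
    special: dict = field(default_factory=dict)     # type -> subset of SPECIAL
    normal: dict = field(default_factory=dict)      # type -> old-style access rights


class RCPolicy:
    def __init__(self, roles):
        self.roles = {r.name: r for r in roles}

    def is_role_admin(self, actor):
        return self.roles[actor].admin_type == ROLE_ADMIN

    # Old and new role must both be in the actor's assign_roles, so a partial
    # assigner stays inside a limited set; processes also need MODIFY_ATTRIBUTE.
    def may_assign_role(self, actor, old_role, new_role, process=False, modify_attribute=False):
        if self.is_role_admin(actor):
            return True
        if process and not modify_attribute:
            return False
        a = self.roles[actor].assign_roles
        return old_role in a and new_role in a

    # admin_roles / assign_roles vectors are only changed by old-style Role Admins.
    def set_vectors(self, actor, target, admin_roles=None, assign_roles=None):
        if not self.is_role_admin(actor):
            raise Denied(f"{actor} is not a Role Admin")
        t = self.roles[target]
        if admin_roles is not None:
            t.admin_roles = set(admin_roles)
        if assign_roles is not None:
            t.assign_roles = set(assign_roles)

    # Changing rights of `target` to `typ` needs target in admin_roles plus the
    # named special right on typ (ACCESS_CONTROL for normal, SUPERVISOR for special).
    def _may_change(self, actor, target, typ, needed):
        if self.is_role_admin(actor):
            return True
        r = self.roles[actor]
        return target in r.admin_roles and needed in r.special.get(typ, set())

    def set_normal_rights(self, actor, target, typ, rights):
        if not self._may_change(actor, target, typ, "ACCESS_CONTROL"):
            raise Denied(f"{actor} lacks ACCESS_CONTROL on {typ} for role {target}")
        self.roles[target].normal[typ] = set(rights)

    def set_special_rights(self, actor, target, typ, rights):
        if set(rights) - SPECIAL:
            raise ValueError("unknown special right")
        if not self._may_change(actor, target, typ, "SUPERVISOR"):
            raise Denied(f"{actor} lacks SUPERVISOR on {typ} for role {target}")
        self.roles[target].special[typ] = set(rights)

    # "Forever fixed": no Role Admin left and nobody holds SUPERVISOR on typ
    # (assumption: Role Admins are treated as holding every right, as on update).
    def separation_fixed(self, typ):
        return not any(r.admin_type == ROLE_ADMIN or "SUPERVISOR" in r.special.get(typ, set())
                       for r in self.roles.values())

    # The post's closing step: reset old admin_type to none for all roles.
    def drop_admin_types(self, actor):
        if not self.is_role_admin(actor):
            raise Denied(f"{actor} is not a Role Admin")
        for r in self.roles.values():
            r.admin_type = NO_ADMIN


def build_sample():
    """Constructed policy: one old-style Role Admin plus a partial HR administrator."""
    return RCPolicy([
        Role("boot_admin", admin_type=ROLE_ADMIN),
        Role("hr_mgr", admin_roles={"hr"}, assign_roles={"hr", "clerk"},
             special={"hr_files": {"ACCESS_CONTROL"}}),
        Role("hr"), Role("clerk"), Role("finance"),
    ])


def denied(fn, *args, **kw):
    """True if the call is refused by the model (helper for demonstrations)."""
    try:
        fn(*args, **kw)
    except Denied:
        return True
    return False


if __name__ == "__main__":
    p = build_sample()
    print("hr_mgr moves clerk -> hr:", p.may_assign_role("hr_mgr", "clerk", "hr"))
    print("hr_mgr moves finance -> hr:", p.may_assign_role("hr_mgr", "finance", "hr"))
    p.drop_admin_types("boot_admin")
    print("hr_files fixed:", p.separation_fixed("hr_files"))
```

Walking the sample through the post's scenario: hr_mgr may move a clerk into hr but not touch anyone in finance, cannot grant itself SUPERVISOR, and once boot_admin resets every admin_type to none, nobody (including the former boot_admin) can change the vectors or the special rights on hr_files again.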