If the process is neither the owner nor a member of an appropriate group, and the permission bits for
world allow the type of access requested, then the subject is permitted access.
If none of the conditions above are satisfied, and the effective UID of the process is not zero, then the
access attempt is denied.
5.1.5.2 Access Control Lists
The ext3 file system supports Access Control Lists (ACLs) that offer more flexibility than the traditional
permission bits. An ACL can enforce specific access rights for multiple individual users and groups, not just
for the single user and group defined for permission-bit based access control.
The ext3_check_acl() function checks if an object has an associated ACL. If it does not have one, the
system uses the standard permission bits algorithm as described in the previous section.
If the file system object has an associated ACL, the kernel calls the posix_acl_permission() function
to enforce POSIX ACLs. ACLs are created, maintained, and used by the kernel. For more detailed
information about the POSIX ACLs, refer to the http://acl.bestbits.at and
http://wt.xpilot.org/publications/posix.1e sites.
An ACL entry contains the following information:
A tag type that specifies the type of the ACL entry.
A qualifier that specifies an instance of an ACL entry type.
A permission set that specifies the discretionary access rights for processes identified by the tag type
and qualifier.
5.1.5.2.1 Types of ACL tags
The following types of tags exist:
ACL_GROUP: This type of ACL entry defines access rights for processes whose file system group ID
or any supplementary group IDs match the one in the ACL entry qualifier.
ACL_GROUP_OBJ: This type of ACL entry defines access rights for processes whose file system
group ID or any supplementary group IDs match the group ID of the group of the file.
ACL_MASK: This type of ACL entry defines the maximum discretionary access rights for a process
in the file group class.
ACL_OTHER: This type of ACL entry defines access rights for processes whose
attributes do not match any other entry in the ACL.
ACL_USER: An ACL entry of this type defines access rights for processes whose file system user ID
matches the ACL entry qualifier.
ACL_USER_OBJ: An ACL entry of this type defines access rights for processes whose file system
user ID matches the user ID of the owner of the file.
5.1.5.2.2 ACL qualifier
The qualifier is required for ACL entries of type ACL_GROUP and ACL_USER, and contains either the
user ID or the group ID for which the access rights are defined.
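The following is an added illustration, not kernel source and not part of the original document: a simplified user-space C model of how a POSIX.1e access check walks the tag types and qualifiers described above. The struct names, acl_check(), the numeric IDs, and the sample ACL are assumptions constructed for the example.

```c
#include <stddef.h>

/* Entries must appear in this order; id is the qualifier (ACL_USER/ACL_GROUP only). */
enum tag { ACL_USER_OBJ, ACL_USER, ACL_GROUP_OBJ, ACL_GROUP, ACL_MASK, ACL_OTHER };
struct entry   { enum tag tag; unsigned id, perm; };
struct file    { unsigned uid, gid; };
struct subject { unsigned fsuid, fsgid; const unsigned *groups; size_t ngroups; };

static int in_group(const struct subject *s, unsigned gid) {
    for (size_t i = 0; i < s->ngroups; i++)
        if (s->groups[i] == gid) return 1;
    return s->fsgid == gid;
}

/* Returns 1 when every bit of want (r=4, w=2, x=1) is granted, else 0.
 * Simplified model: privilege overrides (UID 0) are not handled here. */
int acl_check(const struct entry *acl, size_t n, const struct file *f,
              const struct subject *s, unsigned want) {
    unsigned mask = 7;   /* no ACL_MASK entry: nothing is filtered */
    int group_match = 0;
    for (size_t i = 0; i < n; i++)
        if (acl[i].tag == ACL_MASK) mask = acl[i].perm;
    for (size_t i = 0; i < n; i++) {
        const struct entry *e = &acl[i];
        switch (e->tag) {
        case ACL_USER_OBJ:   /* owner entry is not limited by the mask */
            if (s->fsuid == f->uid) return (e->perm & want) == want;
            break;
        case ACL_USER:       /* named user is limited by the mask */
            if (s->fsuid == e->id) return (e->perm & mask & want) == want;
            break;
        case ACL_GROUP_OBJ: case ACL_GROUP:
            if (in_group(s, e->tag == ACL_GROUP ? e->id : f->gid)) {
                group_match = 1;
                if ((e->perm & mask & want) == want) return 1;
            }
            break;
        case ACL_MASK: break;
        case ACL_OTHER:      /* a matched group that granted nothing blocks fall-through */
            return group_match ? 0 : (e->perm & want) == want;
        }
    }
    return 0;
}

/* Constructed sample: user::rw- user:1001:rwx group::r-x group:2000:-w- mask::r-x other::r-- */
const struct entry sample_acl[] = { {ACL_USER_OBJ, 0, 6}, {ACL_USER, 1001, 7}, {ACL_GROUP_OBJ, 0, 5},
                                    {ACL_GROUP, 2000, 2}, {ACL_MASK, 0, 5}, {ACL_OTHER, 0, 4} };
const struct file sample_file = { 1000, 100 };   /* constructed owner uid and gid */
```

With the sample ACL, a process whose only matching entry is group 2000 is refused read access even though ACL_OTHER grants it, and the named user 1001 is held to r-x by ACL_MASK despite an rwx entry.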