5.1.5.2.8 ACL enforcement
The ext3_permission() function uses ACLs to enforce DAC. The algorithm goes through the following steps:
1. Performs checks such as “no write access if
2. For ext3 file systems, the kernel calls ext3_get_acl() to get the ACL corresponding to the object. ext3_get_acl() calls ext3_xattr_get(), which in turn calls ext3_acl_from_disk() to retrieve the extended attribute from the disk. If no ACL exists, the kernel follows the permission bits algorithm described previously.
3. For ext3 file systems, the kernel invokes posix_acl_permission(). It goes through the following algorithm:
If the file system user ID of the process matches the user ID of the file object owner, then
    if the ACL_USER_OBJ entry contains the requested permissions, access is granted,
    else access is denied.
else if the file system user ID of the process matches the qualifier of any entry of type ACL_USER, then
    if the matching ACL_USER entry and the ACL_MASK entry contain the requested permissions, access is granted,
    else access is denied.
else if the file system group ID or any of the supplementary group IDs of the process match the qualifier of the entry of type ACL_GROUP_OBJ, or the qualifier of any entry of type ACL_GROUP, then
    if the ACL_MASK entry and any of the matching ACL_GROUP_OBJ or ACL_GROUP entries contain all the requested permissions, access is granted,
    else access is denied.
else if the ACL_OTHER entry contains the requested permissions, access is granted,
else access is denied.
The ACL checking function cycles through each ACL entry to check if the process is authorized to access the object in the attempted mode. Root is always allowed to override any read or write access denials based on an ACL entry. Root is allowed to override an attempted execute access only if an execute bit is set for owner, group, or other.
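The decision order in step 3, as an added user-space example in C (not the kernel's posix_acl_permission() source and not code from this document). The struct layout, the names acl_check() and aclfile_access(), the named-user entry for UID 1000, and the rule that an ACL without an ACL_MASK entry is left unmasked are assumptions of this sketch; the root override described above is not modeled.

```c
#include <stddef.h>

enum tag { ACL_USER_OBJ, ACL_USER, ACL_GROUP_OBJ, ACL_GROUP, ACL_MASK, ACL_OTHER };
struct entry { enum tag tag; unsigned id; unsigned perm; }; /* perm: r=4 w=2 x=1 */
struct proc { unsigned fsuid; const unsigned *groups; size_t ngroups; };

static int in_group(const struct proc *p, unsigned gid) {
    for (size_t i = 0; i < p->ngroups; i++)
        if (p->groups[i] == gid) return 1;
    return 0;
}

/* Returns 1 when every bit in `want` is granted, 0 otherwise. */
int acl_check(const struct entry *acl, size_t n, unsigned owner, unsigned group,
              const struct proc *p, unsigned want) {
    unsigned mask = 7, other = 0; /* assumption: no ACL_MASK entry means no masking */
    int group_hit = 0;
    const struct entry *e;
    for (e = acl; e < acl + n; e++) {
        if (e->tag == ACL_MASK) mask = e->perm;
        if (e->tag == ACL_OTHER) other = e->perm;
    }
    for (e = acl; e < acl + n; e++) /* owner: ACL_USER_OBJ alone decides */
        if (e->tag == ACL_USER_OBJ && p->fsuid == owner)
            return (e->perm & want) == want;
    for (e = acl; e < acl + n; e++) /* named user: entry AND mask */
        if (e->tag == ACL_USER && e->id == p->fsuid)
            return (e->perm & mask & want) == want;
    for (e = acl; e < acl + n; e++) { /* groups: any matching entry AND mask */
        unsigned gid = e->tag == ACL_GROUP_OBJ ? group : e->id;
        if ((e->tag == ACL_GROUP_OBJ || e->tag == ACL_GROUP) && in_group(p, gid)) {
            if ((e->perm & mask & want) == want) return 1;
            group_hit = 1;
        }
    }
    /* a matching group that lacks the bits denies; ACL_OTHER is not consulted */
    return group_hit ? 0 : (other & want) == want;
}

/* Constructed sample: /aclfile (root:root, mode 640) plus a hypothetical
   named-user entry user:1000:rw- that the mask r-- limits to read. */
static const struct entry aclfile[] = {
    { ACL_USER_OBJ, 0, 6 }, { ACL_USER, 1000, 6 }, { ACL_GROUP_OBJ, 0, 4 },
    { ACL_MASK, 0, 4 }, { ACL_OTHER, 0, 0 },
};
int aclfile_access(unsigned fsuid, unsigned fsgid, unsigned want) {
    struct proc p = { fsuid, &fsgid, 1 }; /* fsgid is the only group here */
    return acl_check(aclfile, sizeof aclfile / sizeof aclfile[0], 0, 0, &p, want);
}
```

The first matching class decides: UID 1000 is refused write access even when its group is root, because the ACL_USER branch is taken and the mask removes the write bit.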
For example, consider a file named /aclfile, with a mode of 640. The file is owned by root and belongs to the group root. Its default ACL, without the extended POSIX ACL, would be:
#owner: root
#group: root
user:: rw-
The file is readable and writeable by the root user, and readable by users belonging to the root group. Other users have no access to the file. With POSIX ACLs, a more granular access control can be provided to this