Endpoint Administration Guide for UNIX › Managing Authorization › Access Authorities
Access Authorities
The main purpose of CA ControlMinder is to assign and enforce access authorities An access authority is a permission owned by an accessor to perform a specified access on a resource., also known as access rights.
An access authority always has the following components:
- The resource that the access applies to, for example, a file, host, or terminal
- The type of access, for example read, write, delete, log in, run
- The accessor, which is either a user or a group
A user has the authority to access a resource in a certain way because one or more of the following are true:
- The user has the access authority, as granted by the resource ACL
- The user is a member of a group that has access authority.
- The user is running a program that has the access authority. For example the user has the authority to run a program in the SPECIALPGM class, or to run a command in the SUDO class.
Note: For more information about access authority by class, see the selang Reference Guide.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|