You can deny a user or group specific access types using a Negative Access Control List (NACL).
With the CA ControlMinder language (selang), use the following command to deny access:
auth className resourceName [gid(group‑name...)] \
[uid({user‑name...|*})] [deniedaccess(accessvalue)]
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|