If no ACL user or group assigned to the file matches the accessing user's UID or the assigned list of GID's, native UNIX security checks if the user ID has the RSTDACC attribute and the READ access to permission for UNIXPRIV(RESTRICTED.FILESYS.ACCESS) to determine whether the file's other access bit settings are used. The following table details various unmatched ID scenarios:
|
User is |
READ access to |
Result |
|
Yes |
Yes |
Check "other" bits to determine access. |
|
Yes |
No |
Bypass check of "other" bits and deny access. |
|
No |
Yes |
Check "other" bits to determine access. |
|
No |
No |
Check "other" bits to determine access. |
If "other" file access bits are not to be used, access is rejected.
If "other" file access bits are to be used, access is allowed only if the operation attempted is compatible with the bit setting.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|