Recognize alternate authorization schemes

Author: name contact BSD flavour

Reviewer: name contact BSD flavour

Reviewer: name contact BSD flavour


Concept

Admins should understand basic authorization theory and how MAC and ACLs extend the features provided by the standard Unix permissions.

Introduction

TODO: is this section needed? is "mandatory" controls introduced elsewhere?

See section View and modify ACLs for more information on ACLs, including ACL attributes.

Note that standard Unix permissions can also be extended by using file flags as covered in section View and modify file flags.

Examples

Practice Exercises

More information

mac(4) and acl(3) on FreeBSD; systrace(1) on NetBSD and OpenBSD