|
|
The current release modifies this traditional privilege mechanism slightly. The superuser privilege is replaced by a list of discrete privileges based on the categorization of sensitive system operations into groups of operations exercising the same kind of privilege. For example, many different commands might need to override discretionary read access restrictions on files to perform their functions. Defining a privilege, such as dacread, and designating it as one of the possible privileges allows for a more controlled possession of privileges by processes than the superuser privilege. Since the privilege only affects discretionary read access, a process that possesses only this privilege cannot perform other privileged operations such as writing to a file without discretionary write access. Possessing all of these privileges is equivalent to acting as superuser.
Privileges are possessed by a process. A file may have fixed privileges placed on it. A process that then executes that file will pick up the privileges placed on the file and add them to the set of privileges that it already possesses.