Next: Standard Administration
Up: Program Based Roles with
Previous: Initial Roles
While initial roles are only set as temporary current roles, forced roles
are kept until either another program with initial or forced role is executed
or the process actively changes to a compatible role. Certainly, it has to
be kept in a process attribute for later use.
All other implicit mechanisms, e.g. when changing the process owner, do not
affect the current role while a forced role is set.
Forced roles are useful for those server program encapsulation cases, where
a server program must always run with the same privileges for all process
owners.
There are several special forced role values which affect implicit role
transitions:
- role_inherit_user:
- Always set the (new) process owner's default role as
current role when executing this program or when changing process owner
while this program is executed. This can be used for login shells to make
sure that the user's default role is used.
- role_inherit_process:
- Keep the current role when executing this
program or changing process owner while this program is executed. This value
lets subprograms keep the forced role of their parents in all cases.
- role_inherit_parent (default value):
- Get forced role setting from
filesystem parent object. If there is no parent object, use root dir
default value role_inherit_up_mixed. This default value allows to set a forced
role for whole directory trees.
- role_inherit_up_mixed (root dir default value):
- Keep the current
role when executing this program, but set it to new owner's default role
when changing the process owner. This is the standard role model behaviour
as mentioned above.
The forced role default settings make all programs run with the process
owner's default role, which is the desired behaviour in most cases.
- forcedrole(f:file):role := forced role value set for file f at
time n
- effforcedrole(f:file):role := effective forced role of
file f at time n, including inheritance from parent filesystem objects
The effective forced role is derived as follows:
|
|
|
|
(19) |
Forced roles for program files extend the implicit role transition on execution
from rule 18 as follows:6
|
|
|
|
(20) |
The effective forced role value from the executed file is copied to the respective process
attribute.
|
(21) |
The implicit role transition on process owner changes from rule
3 is modified as well:
|
|
|
|
(22) |
Next: Standard Administration
Up: Program Based Roles with
Previous: Initial Roles
Amon Ott