Ask Question

Someone once observed that "the difference between roles and groups is that a user can shift into and out of roles, whereas that user has a group identity (or identities) that are fixed throughout the session."a. Consider a system such as a System V-based UNIX system, in which a process can have exactly one group identity. To change groups, users must execute the newgrp command. Do these groups differ from roles? Why or why not?

+4
Answers (1)
  1. 2 March, 14:44
    0
    All things considered newgrp has nothing to do with security jobs.

    newgrp sets the procedures bunch id which is in many frameworks are irrelevant. All gatherings are accessible. Gatherings are characterized as assortment of clients, bunch get to is conceded to documents dependent on the record gathering.

    Regularly (setgroups/getgroups) all gatherings are in the process get to list.

    The authorization at a document or registry level has a 3 level arrangement of consents, for example, client proprietorship, bunch possession and others. All things considered the document authorization are a mix of read, compose and execute. we need both peruse and execute consent to run a program.

    A procedure may get to the document if a record has a place with the user (the proprietor of the document) or if the gathering identifier coordinate on the gatherings in the clients bunches list. That entrance is constrained by the relating consents signals on the record.

    Gatherings have been over-burden with some "job" definitions. In any case, these are just over-burden and not a decent utilization of groups, the utilization of a gathering as a job was bolstered by the setgroup id banner, and by utilities like a sudo, where gathering name likewise coordinates a security control. It expect that the gathering name isn't utilized for documents yet once a client is in the gathering that client can apply the gathering to a record regardless of whether it isn't what the gathering was for.

    This over-burden use worked where frameworks didn't bolster genuine jobs. The over-burden utilize was only a work around.

    Linux has genuine job definition bolstered by SELinux models and can be applied to documents, clients, and forms.
Know the Answer?
Not Sure About the Answer?
Find an answer to your question 👍 “Someone once observed that "the difference between roles and groups is that a user can shift into and out of roles, whereas that user has a ...” in 📗 Computers & Technology if the answers seem to be not correct or there’s no answer. Try a smart search to find answers to similar questions.
Search for Other Answers