Programming and posix - April 2002
April 3, 2002
Solution Symposium
hp e3000 programming and posix
file and directory security
• Each object is owned by a POSIX user (UID) and a POSIX group (GID)
  • POSIX UID maps to an MPE USER.ACCOUNT
  • POSIX GID maps to an MPE ACCOUNT
• Three independent security classifications:
  • Do you match the object’s user?
  • Else do you match the object’s group?
  • Else you’re “other”
• Three independent types of access per classification:
  • read (r)
  • write (w)
  • execute (x)
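
The classification rule above, worked as an added C example (not from the original slides): only the first matching class is consulted, so an owner whose user bits deny access is refused even when the group or other bits would allow it. The function name and the sample UIDs/GIDs are made up, and the model assumes one GID per process with no privileged-user override and no ACLs.

```c
#include <stdio.h>
#include <sys/types.h>

/* Requested access, using the r/w/x bit values of a single class. */
#define WANT_R 4
#define WANT_W 2
#define WANT_X 1

/*
 * Returns 1 if access is granted, 0 if denied.
 * Simplified model (assumption): one GID per process, no privileged-user
 * override, no ACLs. Exactly one class is selected; there is no
 * fall-through to a later class when the selected one denies.
 */
int posix_access_ok(mode_t mode, uid_t f_uid, gid_t f_gid,
                    uid_t uid, gid_t gid, int want)
{
    int granted;

    if (uid == f_uid)
        granted = (int)((mode >> 6) & 7);   /* user class only  */
    else if (gid == f_gid)
        granted = (int)((mode >> 3) & 7);   /* group class only */
    else
        granted = (int)(mode & 7);          /* other            */

    return (granted & want) == want;
}

int main(void)
{
    /* Constructed sample object: mode 0047 (----r--rwx), UID 100, GID 20 */
    mode_t mode = 0047;

    printf("owner  read : %d\n", posix_access_ok(mode, 100, 20, 100, 20, WANT_R));
    printf("group  read : %d\n", posix_access_ok(mode, 100, 20, 101, 20, WANT_R));
    printf("group  write: %d\n", posix_access_ok(mode, 100, 20, 101, 20, WANT_W));
    printf("other  write: %d\n", posix_access_ok(mode, 100, 20, 102, 30, WANT_W));
    return 0;
}
```

When auditing modes, a class with fewer bits than the classes after it (as in 0047) works as a deny entry for that user or group.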