OSF DCE Application Development Guide--Core Components

OSF DCE Application Development Guide—Core Components

• Anonymous principal UUID: fad18d52-ac83-11cc-b72d-0800092784e9

• Anonymous group UUID: fc6ed07a-ac83-11cc-97af-0800092784e9

The other_obj, any_other,other_obj_deleg, and any_other_deleg ACL entries deﬁne

the anonymous principal’s access to objects. The entries must be set up just as for any

other principal. The appropriate direct or delegate permissions must be granted to the

anonymous principal or the delegated operation will fail.

26.2.2.2 Target and Delegate Restriction Syntax

Target and delegate restrictions are expressed as a list of values of type

sec_id_restriction_t. This data type consists of a UUID and an entry type. The entry

type speciﬁes whether the UUID identiﬁes a principal, a group, or ‘‘any other’’

principals (in a manner similar to the any_other ACL entry type). As in ACL entry

types, the target restriction entry types can refer to principals and groups from the local

cell or from foreign cells.

The possible delegation entry types are as follows:

• sec_rstr_e_type_user

The target or delegate is a local principal identiﬁed by UUID.

• sec_rstr_e_type_group

The target or delegate is any member of a local group identiﬁed by UUID.

• sec_rstr_e_type_foreign_user

The target or delegate is a foreign principal identiﬁed by principal and cell UUID.

• sec_rstr_e_type_foreign_group

The target or delegate is any member of a foreign group identiﬁed by group and cell

UUID.

• sec_rstr_e_type_foreign_other

The target or delegate is any principal that can authenticate to the foreign cell

identiﬁed by UUID.

• sec_rstr_e_type_any_other

The target or delegate is any principal that can authenticate to any cell.

• sec_rstr_e_type_no_other

No principal can act as a target or delegate.

26−6 Tandem Computers Incorporated 124245