Permissions attribute
Each ACL entry contains a set of permissions (actions) describing the specific operations permitted on the object by the user or group. Permissions are context-sensitive.
The behavior of certain permissions varies according to where the permissions are applied. For example, the modify permission (m action bit) behaves differently for protected resources in the /WebSEAL object space than for protected resources in the /Management object space. Permissions control protected resources in the following ways:
- Determine Whether a user can do operations on protected objects
- Determine Whether an administrator can change security policy on the object and any object that inherits permissions
- Determine Whether Security Verify Access itself can delegate credentials for a user
Parent topic: ACL entries