
Access Control Lists

If a distributed application uses ACLs to control access to its resources, then the distributed application programmer needs to write an ACL manager to handle access to the resources. The ACL manager is part of the server side of the application. Typically, there is one access control list associated with each resource that the server manages. The ACL contains one or more entries specifying a user or group and what operations the user or group is permitted to perform on the resource (for example, read, write, or execute permission). The ACL manager takes the authorization information supplied by the application client during an RPC, and compares it to the ACL for the requested resource. The ACL manager indicates whether the client is or is not allowed the requested access to the resource.

The following figure shows a simple DCE ACL. Every DCE ACL contains a field indicating what type of ACL it is. The ACL type in this case is sp_data_acl. Each DCE ACL also contains a field indicating what the default cell is for the entries in the ACL. In the example, the default cell is /.../C=US/O=OSF/OU=DCE. The rest of the ACL consists of ACL entries.


DCE ACL Example

ACL entries can be of several types. The example shows three types of ACL entries: user, group, and foreign_user. The cell to which the user and group entries belong is the default cell listed in the ACL. The cell to which the foreign_user entry belongs is specified in the entry.

Each entry includes a list of permissions. The different possible permissions are determined by the ACL type (in this example, sp_data_acl). There are two types of permissions in the ACL example: r for read permission, and w for write permission.

Based on this ACL, the sp_data_acl ACL manager will give the principal snowpaws in the cell /.../C=US/O=OSF/OU=DCE read and write permission to the object, the members of the friends group in the /.../C=US/O=OSF/OU=DCE cell read permission to the object, and the principal ziggy in the foreign cell /.../cs.univ.edu read permission.
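The access decision described above can be sketched as follows. This is an added example, not code from the DCE documentation or the DCE security API: the struct layouts, the names `acl_is_authorized`, `PERM_R` and `PERM_W`, and the rule that a matching user entry takes precedence over group entries are assumptions of this simplified model.

```c
#include <string.h>

/* Simplified model of the ACL described above; not the DCE security API. */
enum { PERM_R = 1, PERM_W = 2 };
enum entry_type { E_USER, E_GROUP, E_FOREIGN_USER };
struct acl_entry {
    enum entry_type type;
    const char *name;
    const char *cell;          /* NULL: entry belongs to the ACL's default cell */
    unsigned perms;
};
struct acl {
    const char *acl_type, *default_cell;
    const struct acl_entry *entries;
    int n;
};
/* Authorization data the client supplies with the RPC (constructed shape). */
struct client {
    const char *principal, *cell;
    const char *const *groups; /* group memberships in the client's own cell */
    int n_groups;
};

static const struct acl_entry sample_entries[] = {
    { E_USER,         "snowpaws", NULL,               PERM_R | PERM_W },
    { E_GROUP,        "friends",  NULL,               PERM_R },
    { E_FOREIGN_USER, "ziggy",    "/.../cs.univ.edu", PERM_R },
};
static const struct acl sample_acl = {
    "sp_data_acl", "/.../C=US/O=OSF/OU=DCE", sample_entries, 3
};

/* Returns 1 only if every requested bit is granted; anything else is denied. */
int acl_is_authorized(const struct acl *a, const struct client *c, unsigned want)
{
    unsigned group_perms = 0;
    for (int i = 0; i < a->n; i++) {
        const struct acl_entry *e = &a->entries[i];
        const char *cell = e->cell ? e->cell : a->default_cell;
        if (strcmp(cell, c->cell) != 0)
            continue;          /* same name in another cell is another identity */
        if (e->type != E_GROUP && strcmp(e->name, c->principal) == 0)
            return want != 0 && (e->perms & want) == want;
        for (int g = 0; e->type == E_GROUP && g < c->n_groups; g++)
            if (strcmp(e->name, c->groups[g]) == 0)
                group_perms |= e->perms;
    }
    return want != 0 && (group_perms & want) == want;
}
```

Comparing the cell as well as the name is what keeps a principal named ziggy in the default cell from inheriting the foreign ziggy's read permission.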