Is it possible to set up a role-based security filesystem on the Linux kernel?

Is there currently any way to set up role-based access control (RBAC) for a filesystem on any OS that is based on the Linux kernel, or would this require a special filesystem or modifications to the Linux kernel?

By RBAC I mean something like what is available under NTFS. The Linux kernel by default supports only DAC, compliant with POSIX, but I think it would be interesting to have the possibility to define an unlimited number of access entries for any number of roles per file on the Linux kernel, so that, for example, for a file /var/blah

  • user Bob can read and write to that file
  • user John can only read that file
  • group admins can read, write and execute it
  • group backup can only read it
  • group system can read and execute it

and so on...

Answers


If you use ACLs, it is possible as well.

See

man getfacl
man setfacl
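
An added example, not part of the original answer: a Python model of the access check described in acl(5), run over constructed getfacl-style output for the question's /var/blah. The owner `svc`, the extra user `alice`, and the helper names `parse_getfacl` and `allowed` are assumptions made for illustration.

```python
# Constructed getfacl-style output for the question's /var/blah (not from a real system).
SAMPLE = """\
# file: var/blah
# owner: svc
# group: svc
user::rw-
user:bob:rw-
user:john:r--
group::r--
group:admins:rwx
group:backup:r--
group:system:r-x
mask::rwx
other::---
"""

def parse_getfacl(text):
    """Return (owner, owning_group, [(tag, qualifier, perms_set), ...])."""
    meta, entries = {}, []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#"):                 # header: "# owner: svc"
            key, _, value = line[1:].partition(":")
            meta[key.strip()] = value.strip()
        elif line:                               # drop any "#effective:" suffix
            tag, qualifier, perms = line.split("#")[0].strip().split(":")
            entries.append((tag, qualifier, set(perms) - {"-"}))
    return meta["owner"], meta["group"], entries

def allowed(text, user, groups, want):
    """True if `user`, member of `groups`, gets every permission in `want`."""
    owner, owning_group, entries = parse_getfacl(text)
    want = set(want)
    find = lambda tag, q: [p for t, name, p in entries if t == tag and name == q]
    mask = (find("mask", "") or [set("rwx")])[0]  # no mask entry: nothing filtered
    if user == owner:                             # 1. owner entry, mask not applied
        return want <= find("user", "")[0]
    named = find("user", user)
    if named:                                     # 2. named user wins over any group
        return want <= (named[0] & mask)
    matching = [p for t, name, p in entries if t == "group" and
                (name in groups or (name == "" and owning_group in groups))]
    if matching:                                  # 3. one entry must grant all of want
        return any(want <= (p & mask) for p in matching)
    return want <= find("other", "")[0]           # 4. everyone else
```

The model ignores capabilities, so it does not reflect root's ability to bypass these checks with CAP_DAC_OVERRIDE.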

You can look into SELinux, which implements MAC on Linux. This is another security mechanism under Linux apart from DAC. I don't have any handy link right now, but a simple Google search for RBAC SELinux may give you the results you are looking for.

