Suppose the following groups are defined to shorten a system’s access control lists: – Group1: Alice, Bob, Cynthia, David, Eve –
Group2: Alice, Bob, Cynthia, Eve – Group3: Bob, Cynthia Suppose the access control list for File 1 is: – File 1: Group 1, R; Group 2, RW If Alice wants to write to File 1 giving your reasoning, state whether Alice will be allowed to do so if: i) The first relevant entry policy is applied ii) The any permission in list policy is applied Suppose the access control list for File 2 is: – File 2: Group 3, RWE iii) Show how the need for a Group 3 for File 2 can be removed using access none. iv) Show how you can eliminate the need for a Group 2 for File 1 access.
provided below is a step by step process to analyzing this question.
i.
According to the policy, Group 1 is allowed to read.
So, if the first policy is applied then, Group 1 i.e. group having Alice will only have access to read and not to write the files. So, Alice will not be able to perform the write operation.
ii .
The first policy on the list is not giving access to Alice to write.
The second policy on the list is giving access to Alice for the write operation.
Since Alice is both in Group 1 and Group 2 and Group 2 gives access to write to Alice, so Alice will be allowed to write.
iii.
The none access specifier gives all the access.
So, we will provide first all the access to Alice and then provide RWE access to group 2.
As a result, by writing the second statement all the access of RWE will be taken from Alice and will be only provided to Bob and Cynthia.
So, the statement will be File 2: Alice, None; Group 2, RWE
