Defining user authorization on a computer mainly deals with deciding the activities that a user may or may not be allowed to do. This could include activities such as executing a program or reading a file.
Since the root
account has all privileges, authorization controls mainly deal with allowing or disallowing root access to user accounts.
To see how user authorization works, we need a user account to try the commands on. Hence, we create a couple of user accounts, user1
and user2
, to try the commands.
In this section, we will go through various controls which can be applied on user accounts.
Suppose we have two user accounts,
user1
anduser2
. We log in fromuser2
and then try to run a command,ps
, asuser1
. In a normal scenario, we get the result as shown:Now edit the file
/etc/sudoers
and add the line as given below:User2 ALL = (user1) /bin/ps
After saving the changes in
/etc/sudoers
, again try to run the commandps
from...