Defining user authorization on a computer mainly deals with deciding the activities that a user may or may not be allowed to do. This could include activities such as executing a program or reading a file.
Since the root
account has all privileges, authorization controls mainly deal with allowing or disallowing root access to user accounts.
To see how user authorization works, we need a user account to try the commands on. So, we create few user accounts, user1
and user2
, to try the commands.
In this section, we will go through various controls that can be applied on user accounts:
- Suppose we have two user accounts,
user1
anduser2
. We log in fromuser2
and then try to run a command,ps
, asuser1
. In a normal scenario, we get this result:
- Now, edit the
/etc/sudoers
file and add this line:
User2 ALL = (user1) /bin/ps
- After saving the changes in
/etc/sudoers
, again try to run theps
command fromuser2
asuser1
:
- Now, if we want to run...