Delegation Authority in Authorizations (System Administration Guide: Security Services)

System Administration Guide: Security Services

Previous: Example of Authorization Granularity
Next: Databases That Support RBAC

Delegation Authority in Authorizations

An authorization that ends with the suffix grant enables a user or a role to delegate to other users any assigned authorizations that begin with the same prefix.

For example, a role with the authorizations solaris.admin.usermgr.grant and solaris.admin.usermgr.read can delegate the solaris.admin.usermgr.read authorization to another user. A role with the solaris.admin.usermgr.grant and solaris.admin.usermgr.* authorizations can delegate any of the authorizations with the solaris.admin.usermgr prefix to other users.

Previous: Example of Authorization Granularity
Next: Databases That Support RBAC