You can set access privileges for individual namespaces or for a combination of a user and a namespace. When you add a user and select a namespace, the user is granted read access to CIM objects in the selected namespace by default.
An effective way to combine user and namespace access rights is to start by restricting access to a namespace. Then grant individual users read, read and write, or write access to that namespace.
You cannot set access rights on individual managed objects. However, you can set access rights for all managed objects in a namespace as well as on a per-user basis.
If you log in as root, you can set the following types of access to CIM objects:
Read Only – Allows read-only access to CIM Schema objects. Users with this privilege can retrieve instances and classes, but cannot create, delete, or modify CIM objects.
Read/Write – Allows full read, write, and delete access to all CIM classes, instances, and invoked methods.
Write – Allows write and delete access, but not read access, to all CIM classes and instances.
None – Allows no access to CIM classes and instances.