Browse Prior Art Database

Access Controle for Privilege Command

IP.com Disclosure Number: IPCOM000241061D
Publication Date: 2015-Mar-24
Document File: 1 page(s) / 25K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a program for executing privileged commands which normal users does not have autority to execute.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 100% of the total text.

Page 01 of 1

Access Controle for Privilege Command

Disclosed is a program for executing privileged commands which normal users does not have autority to execute.

A program is structured for normal users to execute privileged commands. Normally, it is necessary to give authority by assigning privileged ID to a user for executing privileged commands. So, the user can execute all privileged commands including the ones that the user does not need to execute.

This program enables a user to execute a specific privileged command, which allows control on command by command basis. For this purpose, the program will have the following limitations .

・ a separate password issued that is different from the ones for each normal user and the authorized user

・ limitation by a specific command.

・ limitation by specific user ID

・ limitation on a specific time frame for execution

・ limitation on the number for execution (times)

Here is the example of the command to be executed when a user would like to execute a specific privileged command

e.g.) $ priv △ /opt/script/bin/xxxstop.sh

The priv

Fig.1 priv function

Request List contains the following data.

・ command to be authorized

・ user name to be approved

・ server name to be approved

・ maximum number of exec

・ minimum number of exec

・ start time / end time

・ request status

1