Discretionary Access Control
Existing access control mechanism of current OSes.
Limited to user identity / ownership.
Vulnerable to malicious or flawed software.
Subject to every user's discretion (or whim).
Only distinguishes admin vs. non-admin for users.
Only supports coarse-grained privileges for programs.
Unbounded privilege escalation.
Notes:
DAC is what we have today.
Every program runs with the complete permissions of the invoking user and is free to further change permissions or propagate access.
Even in systems that support a notion of privileges (a.k.a. POSIX.1e capabilities), privileges are very coarse-grained, only process-based, and easily escalated to gain full access.
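Added example (not part of the original slides): a simplified model of the classic UNIX owner/group/other check, followed by a run in which a separate program started by the same user reads an owner-only file and then re-grants access to everyone. The helper script, file name and file contents are constructed for illustration, and the root bypass in the model is a simplification.

```python
import os, stat, subprocess, sys, tempfile

def dac_permits(uid, gids, st_uid, st_gid, mode, want):
    """Classic UNIX DAC check; want is a mask of 4 (r), 2 (w), 1 (x).
    The only inputs are the caller's identity and the file's owner and
    mode bits. Which program is asking is never considered."""
    if uid == 0:
        return True  # simplification: root bypasses read/write checks
    if uid == st_uid:
        bits = (mode >> 6) & 7   # owner class is used exclusively
    elif st_gid in gids:
        bits = (mode >> 3) & 7   # group class
    else:
        bits = mode & 7          # other class
    return bits & want == want

# Hypothetical helper: stands in for any flawed or malicious program the
# user happens to run. It reads the file, then widens its mode.
HELPER = (
    "import os, sys\n"
    "p = sys.argv[1]\n"
    "data = open(p).read()\n"
    "os.chmod(p, 0o644)\n"
    "print(data)\n"
)

def demo():
    """Create an owner-only file, then let a separate program run by the
    same user read it and change who else may access it."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "notes.txt")      # constructed sample file
        with open(path, "w") as f:
            f.write("constructed sample secret")
        os.chmod(path, 0o600)
        before = stat.S_IMODE(os.stat(path).st_mode)
        out = subprocess.run([sys.executable, "-c", HELPER, path],
                             capture_output=True, text=True, check=True)
        after = stat.S_IMODE(os.stat(path).st_mode)
        return before, after, out.stdout.strip()

if __name__ == "__main__":
    before, after, leaked = demo()
    print(f"mode before={before:o} after={after:o} helper read: {leaked!r}")
```

The kernel allowed both the read and the chmod because the helper ran under the owner's identity; nothing in the decision depended on what the helper was or whether the user intended it to have that access.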