|
|
|
|
|
|
by pejoculant
5195 days ago
|
|
|
RBAC appears to be a bit richer of a concept than group based authentication. In particular, role assignments can be session dependent and role assignments can be constrained to live in a particular hierarchy. The latter is useful for situations where you want to make it possible for a user to have role A or role B but not both at once. Edit: Just to add, the key thing that they appear to be bragging about is that they use RBAC to grant the user logged into the system console the "Console User" profile which by default has permissions to modify printers and wireless connections. Once you have this role, you don't not need to authenticate further. |
|
|