Checks whether the specified subject has the required permissions for the specified object.
Type: rule policy.
Syntax
check: {source: SourceSid, target: TargetSid, permissions: Permissions}
In this case:
SourceSid – subject handle.TargetSid – handle of the object.Permissions – list of permissions to check.
Returned value
KSS_GRANT if the specified subject has the required permissions for the specified object.
KSS_DENY if the specified subject does not have the required permissions for the specified object.
Example
request interface=test.idl.Ping, method=head0 {
rbac0.check
{ source: src_sid
, target: dst_sid
, permissions: ["mundane/observe"]
}
}
Page top