[systemd-devel] [systemd-bugs] Russian translation for systemd
Sergey Ptashnick
0comffdiz at inbox.ru
Fri Nov 15 01:05:36 PST 2013
On 15.11.2013 10:59, Dennis Semakin wrote:
> Guys, guys, it's quite simple actually.
>
> Identification is an assignment of subjects or objects the identificator. E.g.: login, ID card, fingerprints, retina of the eye...
Yes.
> Authentication is a process of comparision between given users password, his ID(identificator) and the password from database, for example.
Yes.
> Authorization is Identification plus Authentication
No.
Authorization is a process of determining permissions of subjects, usually based on
identification data and access rules.
Ie when you typing sudo password and sudo check its hash, this is authentication.
Now sudo knows that you (user working with system) is you are (UID of your
shell's process), this is identification.
When sudo checks your permissions to "run some programs via sudo" in /etc/sudoers,
this is authorization.
Authentication and identification in this case based on user's UID and him password,
and also on data from /etc/shadow. Identification is result of successful authentication.
OTOH, authorization based on rules from /etc/sudoers and identification data.
More information about the systemd-devel
mailing list