1

Can i use the RBAC feature on Aix 6.1 to do the following.

file - myfile.txt

I have users - root , aixuser(non-root).

I want only aixuser to have access to file 'myfile.txt' and NOT the root user.

Can this be done with RBAC on aix 6.1?

Ivan
  • 3,172
  • 3
  • 24
  • 34

2 Answers2

1

No, you can not secure anything from the root user, even with RBAC. RBAC allows you to farm out some administrative tasks normally reserved for root to regular users. It does not restrict root users in any way.

This is by design. The root user is not allowed to have their access restricted otherwise they cannot do their job properly.

All RBAC allows you to do is create a sub-class of root users, not limit root itself.

1

@Pax, but we can disable the root user on Aix 6.1 as per the RBAC , there is a special section on it.

How about i disable root user , then the 'root' user behaves like a normal user and then i can disable him from accessing myfile.txt using RBAC commands.