9.1.1.16. Discretionary Access Control

SIMP uses the implementation of Discretionary Access Control (DAC) that is native to Linux. Specific file permissions have been assigned based on published security guidance for the supported operating in SIMP Community Edition (CE) 6.6.0.

To ensure default permissions are as restrictive as possible, the user’s umask is set to 0077 while the daemon umask is set to 0027.

References: AC-3 (4) : DISCRETIONARY ACCESS CONTROL