To better describe RBAC, it’s easier to first describe how a system administrator would utilize RBAC to delegate an administrative task to a nonroot user in a fictional setting at Acme Corp.
At the fictional Acme Corp., the system administrator is overwhelmed with tasks. He is going to delegate some of his responsibility to Neil, a user from the engineering department who helps out sometimes with system administration tasks.
The system administrator first needs to define which tasks he wants Neil to help out with. He has identified three tasks:
Changing user passwords but not adding or removing accounts
Mounting and sharing file systems
In RBAC, when we speak of delegating administrative tasks, it is ...