Print this page
11621 fmadm and fmstat document privileges incorrectly
*** 4,20 ****
NAME
privileges - process privilege model
DESCRIPTION
! Solaris software implements a set of privileges that provide fine-
grained control over the actions of processes. The possession of a
certain privilege allows a process to perform a specific set of
restricted operations.
! The change to a primarily privilege-based security model in the Solaris
operating system gives developers an opportunity to restrict processes
to those privileged operations actually needed instead of all (super-
user) or no privileges (non-zero UIDs). Additionally, a set of
previously unrestricted operations now requires a privilege; these
privileges are dubbed the "basic" privileges and are by default given
--- 4,20 ----
NAME
privileges - process privilege model
DESCRIPTION
! In illumos, software implements a set of privileges that provide fine-
grained control over the actions of processes. The possession of a
certain privilege allows a process to perform a specific set of
restricted operations.
! The change to a primarily privilege-based security model in the
operating system gives developers an opportunity to restrict processes
to those privileged operations actually needed instead of all (super-
user) or no privileges (non-zero UIDs). Additionally, a set of
previously unrestricted operations now requires a privilege; these
privileges are dubbed the "basic" privileges and are by default given
*** 399,410 ****
PRIV_SYS_ADMIN
Allow a process to perform system administration tasks such as
! setting node and domain name and specifying coreadm(1M) and
! nscd(1M) settings
PRIV_SYS_AUDIT
Allow a process to start the (kernel) audit daemon. Allow a process
--- 399,409 ----
PRIV_SYS_ADMIN
Allow a process to perform system administration tasks such as
! setting node and domain name and managing fmd(1M) and nscd(1M).
PRIV_SYS_AUDIT
Allow a process to start the (kernel) audit daemon. Allow a process
*** 523,533 ****
PRIV_SYS_SUSER_COMPAT
Allow a process to successfully call a third party loadable module
that calls the kernel suser() function to check for allowed access.
This privilege exists only for third party loadable module
! compatibility and is not used by Solaris proper.
PRIV_SYS_TIME
Allow a process to manipulate system time using any of the
--- 522,532 ----
PRIV_SYS_SUSER_COMPAT
Allow a process to successfully call a third party loadable module
that calls the kernel suser() function to check for allowed access.
This privilege exists only for third party loadable module
! compatibility and is not used by illumos.
PRIV_SYS_TIME
Allow a process to manipulate system time using any of the
*** 701,711 ****
the Limit set (see below) of a process in order for set-uid root execs
to be successful, that is, get an effective UID of 0 and additional
privileges.
! The privilege implementation in Solaris extends the process credential
with four privilege sets:
I, the inheritable set
The privileges inherited on exec.
--- 700,710 ----
the Limit set (see below) of a process in order for set-uid root execs
to be successful, that is, get an effective UID of 0 and additional
privileges.
! The privilege implementation in illumos extends the process credential
with four privilege sets:
I, the inheritable set
The privileges inherited on exec.
*** 837,853 ****
the security policy requires explicit permission for those additional
privileges.
Common examples of escalation are those mechanisms that allow
! modification of system resources through "raw'' interfaces; for
! example, changing kernel data structures through /dev/kmem or changing
! files through /dev/dsk/*. Escalation also occurs when a process
! controls processes with more privileges than the controlling process. A
! special case of this is manipulating or creating objects owned by UID 0
! or trying to obtain UID 0 using setuid(2). The special treatment of UID
! 0 is needed because the UID 0 owns all system configuration files and
ordinary file protection mechanisms allow processes with UID 0 to
modify the system configuration. With appropriate file modifications, a
given process running with an effective UID of 0 can gain all
privileges.
--- 836,852 ----
the security policy requires explicit permission for those additional
privileges.
Common examples of escalation are those mechanisms that allow
! modification of system resources through "raw" interfaces; for example,
! changing kernel data structures through /dev/kmem or changing files
! through /dev/dsk/*. Escalation also occurs when a process controls
! processes with more privileges than the controlling process. A special
! case of this is manipulating or creating objects owned by UID 0 or
! trying to obtain UID 0 using setuid(2). The special treatment of UID 0
! is needed because the UID 0 owns all system configuration files and
ordinary file protection mechanisms allow processes with UID 0 to
modify the system configuration. With appropriate file modifications, a
given process running with an effective UID of 0 can gain all
privileges.
*** 854,864 ****
In situations where a process might obtain UID 0, the security policy
requires additional privileges, up to the full set of privileges. Such
restrictions could be relaxed or removed at such time as additional
mechanisms for protection of system files became available. There are
! no such mechanisms in the current Solaris release.
The use of UID 0 processes should be limited as much as possible. They
should be replaced with programs running under a different UID but with
exactly the privileges they need.
--- 853,863 ----
In situations where a process might obtain UID 0, the security policy
requires additional privileges, up to the full set of privileges. Such
restrictions could be relaxed or removed at such time as additional
mechanisms for protection of system files became available. There are
! no such mechanisms in the current release.
The use of UID 0 processes should be limited as much as possible. They
should be replaced with programs running under a different UID but with
exactly the privileges they need.
*** 922,927 ****
System Administration Guide: Security Services
! February 28, 2018 PRIVILEGES(5)
--- 921,926 ----
System Administration Guide: Security Services
! August 26, 2019 PRIVILEGES(5)