Print this page
uts: add a concept of a 'default' set of privileges, separate from 'basic'

*** 17,33 **** The change to a primarily privilege-based security model in the Solaris operating system gives developers an opportunity to restrict processes to those privileged operations actually needed instead of all (super-user) or no privileges (non-zero UIDs). Additionally, a set of previously unrestricted operations now requires a privilege; these privileges are dubbed the "basic" ! privileges and are by default given to all processes. .sp .LP ! Taken together, all defined privileges with the exception of the "basic" privileges compose the set of privileges that are traditionally associated with the root user. The "basic" privileges are "privileges" unprivileged processes ! were accustomed to having. .sp .LP The defined privileges are: .sp .ne 2 --- 17,40 ---- The change to a primarily privilege-based security model in the Solaris operating system gives developers an opportunity to restrict processes to those privileged operations actually needed instead of all (super-user) or no privileges (non-zero UIDs). Additionally, a set of previously unrestricted operations now requires a privilege; these privileges are dubbed the "basic" ! privileges. .sp .LP ! The "basic" privileges, and certain privileges representing concepts not ! traditionally present are, by default, given to all processes. These are the ! "default" set of privileges. ! .sp ! .LP ! Taken together, all defined privileges with the exception of the "default" privileges compose the set of privileges that are traditionally associated with the root user. The "basic" privileges are "privileges" unprivileged processes ! were accustomed to having, and the "default" privileges are the "basic" ! privileges plus additions that while unprivileged processes aren't accustomed to, ! they should now have. .sp .LP The defined privileges are: .sp .ne 2