Print this page
uts: add a concept of a 'default' set of privileges, separate from 'basic'
*** 15,32 ****
The change to a primarily privilege-based security model in the Solaris
operating system gives developers an opportunity to restrict processes
to those privileged operations actually needed instead of all (super-
user) or no privileges (non-zero UIDs). Additionally, a set of
previously unrestricted operations now requires a privilege; these
! privileges are dubbed the "basic" privileges and are by default given
! to all processes.
Taken together, all defined privileges with the exception of the
! "basic" privileges compose the set of privileges that are traditionally
! associated with the root user. The "basic" privileges are "privileges"
! unprivileged processes were accustomed to having.
The defined privileges are:
PRIV_CONTRACT_EVENT
--- 15,39 ----
The change to a primarily privilege-based security model in the Solaris
operating system gives developers an opportunity to restrict processes
to those privileged operations actually needed instead of all (super-
user) or no privileges (non-zero UIDs). Additionally, a set of
previously unrestricted operations now requires a privilege; these
! privileges are dubbed the "basic" privileges.
!
!
! The "basic" privileges, and certain privileges representing concepts
! not traditionally present are, by default, given to all processes.
! These are the "default" set of privileges.
Taken together, all defined privileges with the exception of the
! "default" privileges compose the set of privileges that are
! traditionally associated with the root user. The "basic" privileges are
! "privileges" unprivileged processes were accustomed to having, and the
! "default" privileges are the "basic" privileges plus additions that
! while unprivileged processes aren't accustomed to, they should now
! have.
The defined privileges are:
PRIV_CONTRACT_EVENT