Print this page
uts: add a concept of a 'default' set of privileges, separate from 'basic'

Split Close
Expand all
Collapse all
          --- old/usr/src/man/man5/privileges.5.man.txt
          +++ new/usr/src/man/man5/privileges.5.man.txt
↓ open down ↓ 9 lines elided ↑ open up ↑
  10   10         grained control over the actions of processes. The possession of a
  11   11         certain privilege allows a process to perform a specific set of
  12   12         restricted operations.
  13   13  
  14   14  
  15   15         The change to a primarily privilege-based security model in the Solaris
  16   16         operating system gives developers an opportunity to restrict processes
  17   17         to those privileged operations actually needed instead of all (super-
  18   18         user) or no privileges (non-zero UIDs). Additionally, a set of
  19   19         previously unrestricted operations now requires a privilege; these
  20      -       privileges are dubbed the "basic" privileges and are by default given
  21      -       to all processes.
       20 +       privileges are dubbed the "basic" privileges.
       21 +
       22 +
       23 +       The "basic" privileges, and certain privileges representing concepts
       24 +       not traditionally present are, by default, given to all processes.
       25 +       These are the "default" set of privileges.
  22   26  
  23   27  
  24   28         Taken together, all defined privileges with the exception of the
  25      -       "basic" privileges compose the set of privileges that are traditionally
  26      -       associated with the root user. The "basic" privileges are "privileges"
  27      -       unprivileged processes were accustomed to having.
       29 +       "default" privileges compose the set of privileges that are
       30 +       traditionally associated with the root user. The "basic" privileges are
       31 +       "privileges" unprivileged processes were accustomed to having, and the
       32 +       "default" privileges are the "basic" privileges plus additions that
       33 +       while unprivileged processes aren't accustomed to, they should now
       34 +       have.
  28   35  
  29   36  
  30   37         The defined privileges are:
  31   38  
  32   39         PRIV_CONTRACT_EVENT
  33   40  
  34   41             Allow a process to request reliable delivery of events to an event
  35   42             endpoint.
  36   43  
  37   44             Allow a process to include events in the critical event set term of
↓ open down ↓ 885 lines elided ↑ open up ↑
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX