2 .\" Copyright (c) 2009, Sun Microsystems, Inc. All Rights Reserved.
3 .\" Copyright 2015, Joyent, Inc. All Rights Reserved.
4 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.
5 .\" See the License for the specific language governing permissions and limitations under the License. When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with
6 .\" the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
7 .TH PRIVILEGES 5 "Oct 30, 2015"
8 .SH NAME
9 privileges \- process privilege model
10 .SH DESCRIPTION
11 .LP
12 Solaris software implements a set of privileges that provide fine-grained
13 control over the actions of processes. The possession of a certain privilege
14 allows a process to perform a specific set of restricted operations.
15 .sp
16 .LP
17 The change to a primarily privilege-based security model in the Solaris
18 operating system gives developers an opportunity to restrict processes to those
19 privileged operations actually needed instead of all (super-user) or no
20 privileges (non-zero UIDs). Additionally, a set of previously unrestricted
21 operations now requires a privilege; these privileges are dubbed the "basic"
22 privileges and are by default given to all processes.
23 .sp
24 .LP
25 Taken together, all defined privileges with the exception of the "basic"
26 privileges compose the set of privileges that are traditionally associated with
27 the root user. The "basic" privileges are "privileges" unprivileged processes
28 were accustomed to having.
29 .sp
30 .LP
31 The defined privileges are:
32 .sp
33 .ne 2
34 .na
35 \fB\fBPRIV_CONTRACT_EVENT\fR\fR
36 .ad
37 .sp .6
38 .RS 4n
39 Allow a process to request reliable delivery of events to an event endpoint.
40 .sp
41 Allow a process to include events in the critical event set term of a template
42 which could be generated in volume by the user.
43 .RE
44
45 .sp
46 .ne 2
47 .na
48 \fB\fBPRIV_CONTRACT_IDENTITY\fR\fR
|
2 .\" Copyright (c) 2009, Sun Microsystems, Inc. All Rights Reserved.
3 .\" Copyright 2015, Joyent, Inc. All Rights Reserved.
4 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.
5 .\" See the License for the specific language governing permissions and limitations under the License. When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with
6 .\" the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
7 .TH PRIVILEGES 5 "Oct 30, 2015"
8 .SH NAME
9 privileges \- process privilege model
10 .SH DESCRIPTION
11 .LP
12 Solaris software implements a set of privileges that provide fine-grained
13 control over the actions of processes. The possession of a certain privilege
14 allows a process to perform a specific set of restricted operations.
15 .sp
16 .LP
17 The change to a primarily privilege-based security model in the Solaris
18 operating system gives developers an opportunity to restrict processes to those
19 privileged operations actually needed instead of all (super-user) or no
20 privileges (non-zero UIDs). Additionally, a set of previously unrestricted
21 operations now requires a privilege; these privileges are dubbed the "basic"
22 privileges.
23 .sp
24 .LP
25 The "basic" privileges, and certain privileges representing concepts not
26 traditionally present are, by default, given to all processes. These are the
27 "default" set of privileges.
28 .sp
29 .LP
30 Taken together, all defined privileges with the exception of the "default"
31 privileges compose the set of privileges that are traditionally associated with
32 the root user. The "basic" privileges are "privileges" unprivileged processes
33 were accustomed to having, and the "default" privileges are the "basic"
34 privileges plus additions that while unprivileged processes aren't accustomed to,
35 they should now have.
36 .sp
37 .LP
38 The defined privileges are:
39 .sp
40 .ne 2
41 .na
42 \fB\fBPRIV_CONTRACT_EVENT\fR\fR
43 .ad
44 .sp .6
45 .RS 4n
46 Allow a process to request reliable delivery of events to an event endpoint.
47 .sp
48 Allow a process to include events in the critical event set term of a template
49 which could be generated in volume by the user.
50 .RE
51
52 .sp
53 .ne 2
54 .na
55 \fB\fBPRIV_CONTRACT_IDENTITY\fR\fR
|