346 apply: the effective privilege set of the attaching process must be
347 a superset of the target process's effective, permitted, and
348 inheritable sets; the limit set must be a superset of the target's
349 limit set; if the target process has any UID set to 0 all privilege
350 must be asserted unless the effective UID is 0. Allow a process to
351 bind arbitrary processes to CPUs.
352
353
354 PRIV_PROC_PRIOUP
355
356 Allow a process to elevate its priority above its current level.
357
358
359 PRIV_PROC_PRIOCNTL
360
361 Allows all that PRIV_PROC_PRIOUP allows. Allow a process to change
362 its scheduling class to any scheduling class, including the RT
363 class.
364
365
366 PRIV_PROC_SESSION
367
368 Allow a process to send signals or trace processes outside its
369 session.
370
371
372 PRIV_PROC_SETID
373
374 Allow a process to set its UIDs at will, assuming UID 0 requires
375 all privileges to be asserted.
376
377
378 PRIV_PROC_TASKID
379
380 Allow a process to assign a new task ID to the calling process.
381
382
383 PRIV_PROC_ZONE
384
385 Allow a process to trace or send signals to processes in other
902 ntp_adjtime(2), open(2), p_online(2), priocntl(2), priocntlset(2),
903 processor_bind(2), pset_bind(2), pset_create(2), readlink(2),
904 resolvepath(2), rmdir(2), semctl(2), setauid(2), setegid(2),
905 seteuid(2), setgid(2), setgroups(2), setpflags(2), setppriv(2),
906 setrctl(2), setregid(2), setreuid(2), setrlimit(2), settaskid(2),
907 setuid(2), shmctl(2), shmget(2), shmop(2), sigsend(2), stat(2),
908 statvfs(2), stime(2), swapctl(2), sysinfo(2), uadmin(2), ulimit(2),
909 umount(2), unlink(2), utime(2), utimes(2), bind(3SOCKET),
910 door_ucred(3C), priv_addset(3C), priv_set(3C), priv_getbyname(3C),
911 priv_getbynum(3C), priv_set_to_str(3C), priv_str_to_set(3C),
912 socket(3SOCKET), t_bind(3NSL), timer_create(3C), ucred_get(3C),
913 exec_attr(4), proc(4), system(4), user_attr(4), xVM(5), ddi_cred(9F),
914 drv_priv(9F), priv_getbyname(9F), priv_policy(9F),
915 priv_policy_choice(9F), priv_policy_only(9F)
916
917
918 System Administration Guide: Security Services
919
920
921
922 April 9, 2016 PRIVILEGES(5)
|
346 apply: the effective privilege set of the attaching process must be
347 a superset of the target process's effective, permitted, and
348 inheritable sets; the limit set must be a superset of the target's
349 limit set; if the target process has any UID set to 0 all privilege
350 must be asserted unless the effective UID is 0. Allow a process to
351 bind arbitrary processes to CPUs.
352
353
354 PRIV_PROC_PRIOUP
355
356 Allow a process to elevate its priority above its current level.
357
358
359 PRIV_PROC_PRIOCNTL
360
361 Allows all that PRIV_PROC_PRIOUP allows. Allow a process to change
362 its scheduling class to any scheduling class, including the RT
363 class.
364
365
366 PRIV_PROC_SECFLAGS
367
368 Allow a process to manipulate the secflags of processes (subject
369 to, additionally, the ability to signal that process).
370
371
372 PRIV_PROC_SESSION
373
374 Allow a process to send signals or trace processes outside its
375 session.
376
377
378 PRIV_PROC_SETID
379
380 Allow a process to set its UIDs at will, assuming UID 0 requires
381 all privileges to be asserted.
382
383
384 PRIV_PROC_TASKID
385
386 Allow a process to assign a new task ID to the calling process.
387
388
389 PRIV_PROC_ZONE
390
391 Allow a process to trace or send signals to processes in other
908 ntp_adjtime(2), open(2), p_online(2), priocntl(2), priocntlset(2),
909 processor_bind(2), pset_bind(2), pset_create(2), readlink(2),
910 resolvepath(2), rmdir(2), semctl(2), setauid(2), setegid(2),
911 seteuid(2), setgid(2), setgroups(2), setpflags(2), setppriv(2),
912 setrctl(2), setregid(2), setreuid(2), setrlimit(2), settaskid(2),
913 setuid(2), shmctl(2), shmget(2), shmop(2), sigsend(2), stat(2),
914 statvfs(2), stime(2), swapctl(2), sysinfo(2), uadmin(2), ulimit(2),
915 umount(2), unlink(2), utime(2), utimes(2), bind(3SOCKET),
916 door_ucred(3C), priv_addset(3C), priv_set(3C), priv_getbyname(3C),
917 priv_getbynum(3C), priv_set_to_str(3C), priv_str_to_set(3C),
918 socket(3SOCKET), t_bind(3NSL), timer_create(3C), ucred_get(3C),
919 exec_attr(4), proc(4), system(4), user_attr(4), xVM(5), ddi_cred(9F),
920 drv_priv(9F), priv_getbyname(9F), priv_policy(9F),
921 priv_policy_choice(9F), priv_policy_only(9F)
922
923
924 System Administration Guide: Security Services
925
926
927
928 June 6, 2016 PRIVILEGES(5)
|