The dtrace_kernel privilege permits the use of every provider except for the use of the pid and fasttrap providers on processes not owned by the user. This privilege also permits the use of all actions and variables except for kernel destructive actions (breakpoint(), panic(), chill()). This privilege permits complete visibility into kernel and user state. The facilities enabled by the dtrace_user privilege are a strict subset of those enabled by dtrace_kernel.
Providers |
All with above restrictions | |
Actions |
All but destructive actions | |
Variables |
All | |
Address Spaces |
User |
Kernel |