The audit_user(4) Database Is <meta http-equiv="refresh" content="0;url='http://www.oracle.com/pls/topic/lookup?ctx=solaris11'"> Not Access-restricted (Solaris Express Developer Edition What's New)

Solaris Express Developer Edition What's New

The `audit_user`(4) Database Is Not Access-restricted

This security enhancement is new in the Developer 9/07 release.

The audit_user(4) database is no longer an access-restricted database. Existing Network Information Service Plus (NIS+) name servers can be updated with the command:

# nischmod nw+r audit_user

Ensure the following conditions:

The SolarisAuditUser object class entries should be publicly readable. Existing LDAP directory name servers should not modify the SolarisAuditUser object class entries, SolarisAuditAlways and SolarisAuditNever acis, from the default, idsconfig(1M).
If the /usr/lib/ldap/idsconfig file has customized acis for the SolarisAuditAlways and SolarisAuditNever object class entries, the customized acis should allow anonymous read access.

Creating a new NIS name server using the installed ypmake(1M) creates an unrestricted audit_user database. Similarly, creating a new NIS+ name server using nissetup(1M) also creates an unrestricted audit_user database.

For more information, see the following:

audit_user(4) man page

The audit_user(4) Database Is Not Access-restricted

The `audit_user`(4) Database Is Not Access-restricted