Profile Shells

Profile shells enable users and roles to execute commands with the security attributes that make the commands work. See the pfexec(1) man page for an explanation of the three profile shells, /bin/pfsh, /bin/ksh, and /bin/sh. All roles have a profile shell as their login shell. Users may or may not be assigned a profile shell, either as a login shell or as a shell made available in a rights profile.

Profile shells do not execute commands for roles unless the commands are issued within the trusted path.

Previous: System Shell
Next: Trusted Processes in the Window System