You as an administrator are responsible for correctly setting up and maintaining discretionary access control (DAC) and mandatory access control (MAC) protections for security-critical files. Critical files include the following:
shadow file – Contains encrypted passwords. See the shadow(4) man page.
auth_attr file – Contains custom authorizations. See the auth_attr(4) man page.
prof_attr file – Contains custom rights profiles. See the prof_attr(4) man page.
exec_attr file – Contains commands with security attributes that the site has added to rights profiles. See the exec_attr(4) man page.
Audit trail – Contains the audit records that the audit service has collected. See the audit.log(4) man page.