P

–P option

rolemod command

Restricting an Administrator to Explicitly Assigned Rights

Replacing a Local Role's Assigned Profiles

useradd commandCreating a User Who Can Administer DHCP

–p option

add_drv commandCommands for Handling Privileges

ipadm set-prop commandHow to Lock Down the MySQL Service

profiles command

Viewing the Contents of Rights Profiles

Listing Rights Profiles

Cloning and Removing Selected Rights From a Rights Profile

How to Create a Rights Profile

How to Assign Specific Privileges to the Apache Web Server

How to Lock Down the MySQL Service

Preventing Guests From Spawning Editor Subprocesses

Enabling a Non-root Account to Read a root-Owned File

Modifying a Rights Profile to Enable a User to Use Own Password for Role Password

–P option

roleadd commandCaching Authentication for Ease of Role Use

rolemod commandAssigning Rights Profiles in a Specific Order

–p option

update_drv commandCommands for Handling Privileges

packages

ARMORUsing ARMOR Roles

MySQLHow to Lock Down the MySQL Service

PAM

adding su stack to configuration fileCaching Authentication for Ease of Role Use

modulesCaching Authentication for Ease of Role Use

stack to cache authenticationCaching Authentication for Ease of Role Use

time-sensitive user access

user_attr Database

Basics of User and Process Rights

pam_roles moduleRights Administration Commands

pam_tty_tickets moduleCaching Authentication for Ease of Role Use

pam_unix_account moduleRights Administration Commands

passwd command

changing password of role

Changing a Role Password

Creating a Role

passwords

changing role password

Changing a Role Password

Creating a Role

using user's to assume role

How to Reorder Assigned Rights

Enabling a User to Use Own Password for Role Password

Perl scripts

for extended accountingEnabling a Trusted User to Read Extended Accounting Files

permissive security policy

components ofBasics of User and Process Rights

creatingExpanding Users' Rights

permitted privilege setHow Privileges Are Implemented

pfbash commandRights Administration Commands

pfedit command

Rights Administration Commands

Editing a System File

pfexec command

Rights Administration Commands

Using Your Assigned Administrative Rights

planning

ARMOR role useFollowing Your Chosen Rights Model

rights model useFollowing Your Chosen Rights Model

use of rightsFollowing Your Chosen Rights Model

plus sign (–)

keyword modifierModifying a Role's Rights

policy.conf file

descriptionpolicy.conf File

keywords

for authenticated rights profilespolicy.conf File

for authorizationspolicy.conf File

for privileges

Files That Contain Privilege Information

policy.conf File

for rights profilespolicy.conf File

for workstation ownerpolicy.conf File

ports

protecting with extended privilegesHow to Apply Extended Privilege Policy to a Port

powers  Seerights

ppriv command

Commands for Handling Privileges

Listing the Privileges in Your Current Shell

Listing Privileges

predefined roles

ARMOR standard

Using ARMOR Roles

User and Process Rights Provide an Alternative to the Superuser Model

planning use ofFollowing Your Chosen Rights Model

principle of least privilegePrivileges Protecting Kernel Processes

Printer Management rights profileRights Profiles Reference

priv.debug entry

syslog.conf fileFiles That Contain Privilege Information

PRIV_DEFAULT keyword

policy.conf filepolicy.conf File

PRIV_LIMIT keyword

policy.conf file

Files That Contain Privilege Information

policy.conf File

PRIV_PFEXEC flagDetermining Whether You Are Using a Profile Shell

PRIV_PROC_LOCK_MEMORY privilegePrivileges and Resource Management

PRIV_XPOLICY flagHow to Lock Down the MySQL Service

privilege checkingApplications That Check for Privileges

privilege sets

adding privileges to

Assigning Privileges Directly to a User

Assigning Privileges Directly to a Role

Expanding a User or Role's Privileges

basic

How to Troubleshoot Rights Assignments

Listing the Basic Privileges and Their Definitions

How Privileges Are Implemented

effectiveHow Privileges Are Implemented

inheritableHow Privileges Are Implemented

limit

How to Troubleshoot Rights Assignments

How Privileges Are Implemented

listing

Listing Privileges That Are Used in Privilege Assignment

How Privileges Are Implemented

permittedHow Privileges Are Implemented

removing privileges from

Creating a Sun Ray Users Rights Profile

Removing a Basic Privilege From Yourself

Removing a Basic Privilege From a Rights Profile

Using Extended Privilege Policy to Restrict Privilege Use

Restricting Privileges for a User or Role

privileged application

authorization checkingApplications That Check Authorizations

checking for security attributesApplications That Check for Rights

descriptionBasics of User and Process Rights

ID checkingApplications That Check UIDs and GIDs

privilege checkingApplications That Check for Privileges

privileged users  Seetrusted users

privileges

adding to command in rights profileCreating a Rights Profile That Includes Privileged Commands

assigning

to a commandAssigning Privileges to Users and Processes

to a scriptAssigning Privileges to a Script

to a userAssigning Privileges to Users and Processes

to Apache Web ServerHow to Assign Specific Privileges to the Apache Web Server

to MySQL databaseHow to Lock Down the MySQL Service

to roleAssigning Privileges Directly to a Role

to userAssigning Privileges Directly to a User

auditing andPrivileged Actions in the Audit Record

categoriesPrivilege Descriptions

checking in applicationsApplications That Check for Privileges

commandsCommands for Handling Privileges

compared to authorizations

More About User Authorizations

Basics of User and Process Rights

compared to superuser modelProcess Rights Management

debugging

Files That Contain Privilege Information

Debugging Use of Privilege

description

Privilege Descriptions

Privilege Descriptions

Basics of User and Process Rights

devices andPrivileges and Devices

differences from superuser modelAdministrative Differences on a System With Privileges

escalation prevention at user levelPrivilege Escalation and User Rights

escalation prevention in kernelPrivilege Escalation and Kernel Privileges

expanding user or role'sExpanding a User or Role's Privileges

extended privilege policy

Using Extended Privilege Policy to Restrict Privilege Use

Expanding a User or Role's Privileges

filesFiles That Contain Privilege Information

finding missingUsing the ppriv Command to Examine Privilege Use in a Profile Shell

implemented in setsHow Privileges Are Implemented

inherited by processesHow Processes Get Privileges

legacy applications and

Assigning Security Attributes to a Legacy Application

Legacy Applications and the Use of Privileges

listing on a processListing the Privileges in Your Current Shell

PRIV_PROC_LOCK_MEMORYPrivileges and Resource Management

processes with assigned privilegesHow Processes Get Privileges

programs aware of privilegesHow Processes Get Privileges

protecting kernel processesPrivileges Protecting Kernel Processes

removing

basic privilegeRemoving a Basic Privilege From a Rights Profile

basic privilege from your processRemoving a Basic Privilege From Yourself

from a rights profileRemoving a Basic Privilege From a Rights Profile

from a userRestricting Privileges for a User or Role

from a user's limit setRemoving Privileges From a User's Limit Set

from yourselfRemoving a Basic Privilege From Yourself

troubleshooting

lack ofHow to Determine Which Privileges a Program Requires

user assignmentHow to Troubleshoot Rights Assignments

using in shell scriptHow to Run a Shell Script With Privileged Commands

privileges keyword

listingListing Privileges

PROC privileges

descriptionPrivilege Descriptions

proc_ownerPrivileges and Devices

process privilegesPrivilege Descriptions

process rights management  Seeprivileges, rights

prof_attr databaseprof_attr Database

summaryRights Databases

profile shells

descriptionProfile Shells and Rights Verification

determining if PRIV_PFEXEC flag is setDetermining Whether You Are Using a Profile Shell

openingUsing Your Assigned Administrative Rights

reading exacct network filesEnabling a Trusted User to Read Extended Accounting Files

restricting rightsRestricting an Administrator to Explicitly Assigned Rights

profiles  Seerights profiles

profiles command

creating rights profilesHow to Create a Rights Profile

descriptionRights Administration Commands

listing user's authenticated rights profilesListing Rights Profiles

listing user's rights profilesListing Rights and Their Definitions

useListing Rights Profiles

profiles keyword

descriptionuser_attr Database

listingListing Rights Profiles

PROFS_GRANTED keyword

policy.conf filepolicy.conf File

programs  Seeapplications

project.max-locked-memory resource controlPrivileges and Resource Management