The procedures and examples in this section restrict login attempts, limit the rights of regular users, or remove some administrative rights from an administrator. They show how to modify users, roles, and rights profiles. For information about rights, see About Using Rights to Control Users and Processes.
Require users to supply a one-time password (OTP) – Task Map: Using OTP in Oracle Solaris in Managing Kerberos and Other Authentication Services in Oracle Solaris 11.3
Provide stronger default file permissions for a user – How to Set a More Restrictive umask Value for Regular Users
Limit consecutive unsuccessful login attempts – How to Set Account Locking for Regular Users
Prevent user processes from spawning subprocesses – Example 26, Preventing Guests From Spawning Editor Subprocesses
Remove limit privileges from a user – Example 24, Removing Privileges From a User's Limit Set
Remove basic privileges from your own shell process – Example 25, Removing a Basic Privilege From Yourself
Prevent user processes from spawning subprocesses – Example 26, Preventing Guests From Spawning Editor Subprocesses
Create a restricted editor for guests – Example 26, Preventing Guests From Spawning Editor Subprocesses
Assign the restricted editor to a public system – Example 27, Assigning the Editor Restrictions Rights Profile to All Users
Remove basic privileges from a user – Example 29, Creating a Remote Users Rights Profile
Create a rights profile for remote users – Example 29, Creating a Remote Users Rights Profile
Remove privileges from the limit set of a rights profile – Example 30, Removing Basic Privileges From a Rights Profile
Remove rights from a rights profile – Example 30, Removing Basic Privileges From a Rights Profile, Example 49, Cloning and Removing Selected Rights From a Rights Profile
Restrict an administrator to explicitly assigned rights – Example 31, Restricting an Administrator to Explicitly Assigned Rights
Prevent applications from creating subprocesses – Example 32, Preventing Selected Applications From Spawning New Processes
Remove rights from all users of a system – Example 27, Assigning the Editor Restrictions Rights Profile to All Users, Example 28, Modifying the policy.conf File to Limit the Rights Available to System Users
Create a system for restricted use – Example 28, Modifying the policy.conf File to Limit the Rights Available to System Users
Qualify attributes in LDAP by user, role, system, or set of systems – Example 33, Qualifying Where and When LDAP Users and Roles Can Use Their Rights and the user_attr(4) man page
Limit user access to system by time or location – Example 33, Qualifying Where and When LDAP Users and Roles Can Use Their Rights
Remove an authorization from a user – Example 50, Testing a New Authorization
Remove a role assignment from a user – Example 53, Preventing the root Role From Being Used to Maintain a System