JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
System Administration Guide: Security Services
search filter icon
search icon

Document Information


Part I Security Overview

1.  Security Services (Overview)

Part II System, File, and Device Security

2.  Managing Machine Security (Overview)

3.  Controlling Access to Systems (Tasks)

4.  Controlling Access to Devices (Tasks)

5.  Using the Basic Audit Reporting Tool (Tasks)

6.  Controlling Access to Files (Tasks)

7.  Using the Automated Security Enhancement Tool (Tasks)

Part III Roles, Rights Profiles, and Privileges

8.  Using Roles and Privileges (Overview)

What's New in RBAC?

Role-Based Access Control (Overview)

RBAC: An Alternative to the Superuser Model

Oracle Solaris RBAC Elements and Basic Concepts

RBAC Authorizations

Authorizations and Privileges

Privileged Applications and RBAC

Applications That Check UIDs and GIDs

Applications That Check for Privileges

Applications That Check Authorizations

RBAC Rights Profiles

RBAC Roles

Profile Shell in RBAC

Name Service Scope and RBAC

Security Considerations When Directly Assigning Security Attributes

Privileges (Overview)

Privileges Protect Kernel Processes

Privilege Descriptions

Administrative Differences on a System With Privileges

Privileges and System Resources

How Privileges Are Implemented

How Processes Get Privileges

Assigning Privileges

Expanding a User or Role's Privileges

Restricting a User or Role's Privileges

Assigning Privileges to a Script

Privileges and Devices

Privileges and Debugging

9.  Using Role-Based Access Control (Tasks)

10.  Role-Based Access Control (Reference)

11.  Privileges (Tasks)

12.  Privileges (Reference)

Part IV Oracle Solaris Cryptographic Services

13.  Oracle Solaris Cryptographic Framework (Overview)

14.  Oracle Solaris Cryptographic Framework (Tasks)

15.  Oracle Solaris Key Management Framework

Part V Authentication Services and Secure Communication

16.  Using Authentication Services (Tasks)

17.  Using PAM

18.  Using SASL

19.  Using Solaris Secure Shell (Tasks)

20.  Solaris Secure Shell (Reference)

Part VI Kerberos Service

21.  Introduction to the Kerberos Service

22.  Planning for the Kerberos Service

23.  Configuring the Kerberos Service (Tasks)

24.  Kerberos Error Messages and Troubleshooting

25.  Administering Kerberos Principals and Policies (Tasks)

26.  Using Kerberos Applications (Tasks)

27.  The Kerberos Service (Reference)

Part VII Oracle Solaris Auditing

28.  Oracle Solaris Auditing (Overview)

29.  Planning for Oracle Solaris Auditing

30.  Managing Solaris Auditing (Tasks)

31.  Solaris Auditing (Reference)



What's New in RBAC?

Solaris 10 8/07: Starting in this release, the project.max-locked-memory and zone.max-locked-memory resource controls were introduced. If the PRIV_PROC_LOCK_MEMORY privilege is assigned to a user or non-global zone, these resource controls can be set to prevent the user or zone from locking all memory. For more discussion, see Privileges and System Resources.

Solaris 10 10/08: In this release, the solaris.admin.usermgr authorizations have been reorganized to support separation of duty, a security requirement at highly secure installations. To satisfy separation of duty, two accounts are required to create a user account. To configure the software for this requirement, see Create Rights Profiles That Enforce Separation of Duty in Oracle Solaris Trusted Extensions Configuration Guide. Also in this release, this guide describes how to change the password of a role in How to Change the Password of a Role.

Solaris 10 9/10: In this release, the net_access privilege is added to the basic set of privileges. For a description of the privilege, see the privileges(5) man page.