Security Administrator Role Responsibilities
The Security Adminstrator evaluates software for its ability to be trusted. As configured in the default system, the Security Administrator role can do the following:
-
Import and export software at multiple labels
-
Install software programs and CDE actions at
ADMIN_LOWin the public directories (such as /etc and /etc/dt/appconfig ) that allow use of the programs or actions by multiple users at all labels. -
Determine what privileges a program requires to succeed.
-
Assign privileges to program files.
-
Assign privileges that are in effect when a command or action is executed in a trusted process.
Note -Because applications and shell scripts, whether they are externally or internally obtained, are added to a site's rights profiles as commands, the term command in this chapter refers to applications, site-developed executable programs, and shell scripts.
See "Assigning Privileges" and the following sections, which define what it means for a program file to have privileges and for a command or action to inherit privileges.
See the Trusted Solaris Developer's Guide for how programmers can manipulate privileges.
- © 2010, Oracle Corporation and/or its affiliates