System Administration Guide: Security Services

Administrative Differences on a System With Privileges

A system that has privileges has several visible differences from a system that does not have privileges. The following table lists some of the differences.

Table 8–2 Visible Differences Between a System With Privileges and a System Without Privileges


No Privileges 



Daemons run as root.

Daemons run as the user daemon.

For example, the following daemons have been assigned appropriate privileges and run as daemon: lockd, nfsd, and rpcbind.

Log File Ownership 

Log files are owned by root.

Log files are now owned by daemon, who created the log file. The root user does not own the file.

Error Messages 

Error messages refer to superuser. 

For example, chroot: not superuser.

Error messages reflect the use of privileges. 

For example, the equivalent error message for chroot failure is chroot: exec failed.

setuid Programs

Programs use setuid to complete tasks that ordinary users are not allowed to perform.

Many setuid programs have been changed to run with privileges.

For example, the following utilities use privileges: ufsdump, ufsrestore, rsh, rlogin, rcp, rdist, ping, traceroute, and newtask.

File Permissions 

Device permissions are controlled by DAC. For example, members of the group sys can open /dev/ip.

File permissions (DAC) do not predict who can open a device. Devices are protected with DAC and device policy.

For example, the /dev/ip file has 666 permissions, but the device can only be opened by a process with the appropriate privileges. Raw sockets are still protected by DAC.

Audit Events 

Auditing the use of the su command covers many administrative functions.

Auditing the use of privileges covers most administrative functions. The pm and as audit classes include audit events that configure device policy and audit events that set privileges.


Processes are protected by who owns the process. 

Processes are protected by privileges. Process privileges and process flags are visible as a new entry in the /proc/<pid> directory, priv.


No reference to privileges in core dumps. 

The ELF note section of core dumps includes information about process privileges and flags in the NT_PRPRIV and NT_PRPRIVINFO notes.

The ppriv utility and other utilities show the proper number of properly sized sets. The utilities correctly map the bits in the bit sets to privilege names.