Privilege Categories

Privileges are logically grouped on the basis of the scope of the privilege, as follows:

• Basic privileges – The core privileges that are needed for minimal operation. The basic privileges are as follows:

  • PRIV_FILE_LINK_ANY – Allows a process to create hard links to files that are owned by a UID other than the process's effective UID.

  • PRIV_PROC_EXEC – Allows a process to call execve().

  • PRIV_PROC_FORK – Allows a process to call fork(), fork1(), or vfork().

  • PRIV_PROC_SESSION – Allows a process to send signals or trace processes outside its session.

  • PRIV_PROC_INFO – Allows a process to examine the status of processes outside of those processes to which the inquiring process can send signals. Without this privilege, processes that cannot be seen in /proc cannot be examined.

  In general, the basic privileges should be assigned as a set rather than individually. This approach ensures that any basic privileges that are released in an update to the Solaris OS will be included in the assignment. On the other hand, a privilege that is known not to be needed by a program should be explicitly turned off. For example, the proc_exec privilege should be turned off if the program is not intended to exec(1) sub-processes.

• File system privileges.

• System V Interprocess Communication (IPC) privileges.

• Network privileges.

• Process privileges.

• System privileges.

See the privileges(5) man page for a complete list of the Solaris privileges with descriptions.

Solaris provides the zones facility, which lets an administrator set up isolated environments for running applications. See zones(5). Since a process in a zone is prevented from monitoring or interfering with other activity in the system outside of that zone, any privileges on that process are limited to the zone as well. However, if needed, the PRIV_PROC_ZONE privilege can be applied to processes in the global zone that need privileges to operate in non-global zones.