Privileges in Trusted Extensions are coded to correspond to their Solaris counterparts. Privileges in Solaris software are implemented differently from privileges in previous Trusted Solaris releases, as follows:
Basic privileges are implemented. For example, proc_exec and proc_info are basic privileges.
Basic privileges do not override security policy, but rather enable use of the system. Without the proc_exec privilege, a user cannot use the system.
Privileges are not file attributes. Therefore, there are no allowed or forced privileges.
Default and limit privileges can be assigned to the initial shell of a user or of a role.
Privileges are called by name, not by number.
Therefore, privilege numbers are not used in function calls or in the exec_attr file.
Privilege macros are not used and have been removed.
Privileges interact with zones. Some privileges can be used in the global zone only, and so are not available to ordinary users.
For correspondences between Trusted Solaris privileges and Trusted Extensions privileges, see Table 1 in Appendix A, Interface Changes in the Solaris Trusted Extensions Release, Table 10, and New Interfaces in Trusted Extensions Software. For a complete list of privileges, see the privileges(5) man page.
The Solaris Trusted Extensions release adds the following privileges:
net_bindmlp – Allows a process to bind to multilevel ports.
net_mac_aware – Allows a process to communicate with peers at labels that are different from its own.
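The following added example, which is not part of the original documentation, audits exec_attr entries for leftover numeric privileges and for grants of the two privileges listed above. It assumes the exec_attr(4) field layout name:policy:type:res1:res2:id:attr; the function name audit_exec_attr, the profile names, paths and privilege numbers in the sample are constructed for illustration.

```python
import re

# Privileges this page says the Trusted Extensions release adds.
TX_PRIVS = {"net_bindmlp", "net_mac_aware"}
# A name, optionally negated with "!" or "-" as priv_str_to_set(3C) accepts.
PRIV_NAME = re.compile(r"^[!-]?[a-z][a-z0-9_]*$")

# Constructed sample entries, not taken from a real system.
SAMPLE = """\
# name:policy:type:res1:res2:id:attr
Example Web Profile:solaris:cmd:::/usr/local/bin/exampled:privs=net_bindmlp,net_privaddr
Example Legacy Profile:solaris:cmd:::/usr/local/bin/oldtool:privs=10,11
Example Plain Profile:suser:cmd:::/usr/bin/date:euid=0
"""

def audit_exec_attr(text):
    """Return (lineno, command, issue) tuples for privs/limitprivs values."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":", 6)
        if len(fields) != 7:
            findings.append((lineno, None, "malformed entry"))
            continue
        command, attr = fields[5], fields[6]
        for pair in filter(None, attr.split(";")):
            key, _, value = pair.partition("=")
            if key not in ("privs", "limitprivs"):
                continue
            for priv in (p.strip() for p in value.split(",")):
                if priv.isdigit():
                    # Numbers are a Trusted Solaris leftover; names are required.
                    findings.append((lineno, command, f"numeric privilege {priv}"))
                elif not PRIV_NAME.match(priv):
                    findings.append((lineno, command, f"unparseable privilege {priv!r}"))
                elif priv in TX_PRIVS:
                    # Negated forms ("!name") do not match here and are not flagged.
                    findings.append((lineno, command,
                                     f"grants label-related privilege {priv}"))
    return findings

if __name__ == "__main__":
    for lineno, command, issue in audit_exec_attr(SAMPLE):
        print(f"line {lineno}: {command}: {issue}")
```
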
The Trusted Solaris command runpd has been replaced by the Solaris ppriv -d command. For details, see the ppriv(1) man page. For examples, see How to Determine Which Privileges a Program Requires in System Administration Guide: Security Services.