Oracle® Solaris 11 Security Guidelines

Exit Print View

Updated: August 2014

Protecting and Modifying Files

By default, only the root role can modify system file permissions. Roles and users who are assigned the solaris.admin.edit/path-to-system-file authorization can modify that system-file. Only the root role can search for all files.

Table 2-5  Protecting and Modifying Files Task Map
For Instructions
Configure restrictive file permissions for regular users.
Sets a more restrictive value than 022 for file permissions for regular users.
Specify ACLs to protect files at a finer granularity than regular UNIX file permissions.
Extended security attributes can be useful in protecting files.
For a caution about using ACLs, see Hiding Within the Trees.
Maintain system file integrity.
Finds rogue files through a script or by using BART.