Users are assigned a basic set of privileges, rights profiles, and authorizations from the /etc/security/policy.conf file, similar to the initial user as described in System Access Is Limited and Monitored. These rights are configurable. You can deny basic rights and increase the rights for a user.
Oracle Solaris protects users with flexible complexity requirements for passwords, authentication that is configurable for different site requirements, and user rights management, which uses rights profiles, authorizations, and privileges to limit and distribute administrative rights to trusted users. Additionally, special shared accounts called roles assign the user just those administrative rights when the user assumes the role. The Authorization Rules Managed On RBAC (ARMOR) package provides predefined roles.