oracle home
Securing Users and Processes in Oracle
®
Solaris 11.2
Exit Print View
Search Term
Search Scope:
This Document
Entire Library
» ...
Documentation Home
»
Oracle Solaris 11.2 Information Library
»
Securing Users and Processes in ...
»
Index S
Updated: July 2014
Securing Users and Processes in Oracle
®
Solaris 11.2
Document Information
Using This Documentation
Product Documentation Library
Access to Oracle Support
Feedback
Chapter 1 About Using Rights to Control Users and Processes
What's New in Rights in Oracle Solaris 11.2
User Rights Management
User and Process Rights Provide an Alternative to the Superuser Model
Basics of User and Process Rights
More About User Rights
More About User Authorizations
More About Rights Profiles
More About Roles
Process Rights Management
Privileges Protecting Kernel Processes
Privilege Descriptions
Administrative Differences on a System With Privileges
More About Privileges
How Privileges Are Implemented
How Privileges Are Used
How Processes Get Privileges
Privileges and Devices
Privileges and Resource Management
Legacy Applications and the Use of Privileges
Debugging Use of Privilege
Privilege Assignment
Assigning Privileges to Users and Processes
Expanding a User or Role's Privileges
Restricting Privileges for a User or Role
Assigning Privileges to a Script
Using Extended Privilege Policy to Restrict Privilege Use
Privilege Escalation and User Rights
Privilege Escalation and Kernel Privileges
Rights Verification
Profile Shells and Rights Verification
Name Service Scope and Rights Verification
Order of Search for Assigned Rights
Applications That Check for Rights
Applications That Check UIDs and GIDs
Applications That Check for Privileges
Applications That Check Authorizations
Considerations When Assigning Rights
Security Considerations When Assigning Rights
Usability Considerations When Assigning Rights
Chapter 2 Planning Your Administrative Rights Configuration
Deciding Which Rights Model to Use for Administration
Following Your Chosen Rights Model
Chapter 3 Assigning Rights in Oracle Solaris
Assigning Rights to Users
Who Can Assign Rights
Assigning Rights to Users and Roles
Creating a Role
Creating a Login for a Trusted User
Modifying a User's Rights
Modifying a Role's Rights
Enabling Users to Use Own Password for Role Password
Changing a Role Password
Deleting a Role
Expanding Users' Rights
Restricting Users' Rights
Chapter 4 Assigning Rights to Applications, Scripts, and Resources
Limiting Applications, Scripts, and Resources to Specific Rights
Assigning Rights to Applications and Scripts
How to Run a Shell Script With Privileged Commands
Locking Down Resources by Using Extended Privileges
How to Apply Extended Privilege Policy to a Port
How to Lock Down the MySQL Service
How to Assign Specific Privileges to the Apache Web Server
How to Determine Which Privileges the Apache Web Server Is Using
Users Locking Down the Applications That They Run
Chapter 5 Managing the Use of Rights
Managing the Use of Rights
Using Your Assigned Administrative Rights
Auditing Administrative Actions
Creating Rights Profiles and Authorizations
How to Create a Rights Profile
How to Clone and Modify a System Rights Profile
How to Create an Authorization
Changing Whether root Is a User or a Role
How to Change the root Role Into a User
Chapter 6 Listing Rights in Oracle Solaris
Listing Rights and Their Definitions
Listing Authorizations
Listing Rights Profiles
Listing Roles
Listing Privileges
Listing Qualified Attributes
Chapter 7 Troubleshooting Rights in Oracle Solaris
Troubleshooting Rights
How to Troubleshoot Rights Assignments
How to Reorder Assigned Rights
How to Determine Which Privileges a Program Requires
Chapter 8 Reference for Oracle Solaris Rights
Rights Profiles Reference
Viewing the Contents of Rights Profiles
Authorizations Reference
Authorization Naming Conventions
Delegation Authority in Authorizations
Rights Databases
Rights Databases and the Naming Services
user_attr Database
auth_attr Database
prof_attr Database
exec_attr Database
policy.conf File
Commands for Administering Rights
Commands That Manage Authorizations, Rights Profiles, and Roles
Selected Commands That Require Authorizations
Privileges Reference
Commands for Handling Privileges
Files That Contain Privilege Information
Privileged Actions in the Audit Record
Security Glossary
Index
Index Numbers and Symbols
Index A
Index B
Index C
Index D
Index E
Index F
Index G
Index H
Index I
Index K
Index L
Index M
Index N
Index O
Index P
Index Q
Index R
Index S
Index T
Index U
Index V
Index W
Index X
Index Z
Language:
English
S
–S
option
profiles
command
Creating a Sun Ray Users Rights Profile
Preventing Guests From Spawning Editor Subprocesses
roleadd
command
Creating a User Administrator Role in the LDAP Repository
–s
option
roleadd
command
Creating a User Administrator Role in the LDAP Repository
useradd
command
Creating a Login for a Trusted User
–S
option
rolemod
command
Changing the Value of roleauth for a Role in the LDAP Repository
useradd
command
Creating a User Who Can Administer DHCP
–s
option
audit
command
Auditing Administrative Actions
ppriv
command
Commands for Handling Privileges
Protecting Directories on Your System From Application Processes
svccfg
command
How to Troubleshoot Rights Assignments
How to Assign Specific Privileges to the Apache Web Server
How to Lock Down the MySQL Service
scope of assigned rights
Name Service Scope and Rights Verification
scripts
checking for authorizations
Checking for Authorizations in a Script or Program
for extended accounting
Enabling a Trusted User to Read Extended Accounting Files
Perl scripts
Enabling a Trusted User to Read Extended Accounting Files
running with privileges
Assigning Privileges to a Script
securing
Assigning Rights to Applications and Scripts
use of privileges in
How to Run a Shell Script With Privileged Commands
security attributes
See also
rights
description
Basics of User and Process Rights
security policy
default rights
Rights Databases
restrictive and permissive
Basics of User and Process Rights
security properties
See
rights
sendmail
command
authorizations required for
Commands and Associated Authorizations
separation of duty
security and non-security roles
Creating Roles for Separation of Duty
two roles to handle auditing
Using Two Roles to Configure Auditing
shell commands
passing parent shell process number
Listing the Privileges in Your Current Shell
shells
determining if privileged
Determining Whether You Are Using a Profile Shell
listing privileges on process
Listing the Privileges in Your Current Shell
privileged versions
Profile Shells and Rights Verification
troubleshooting if profile
How to Troubleshoot Rights Assignments
usability considerations
Usability Considerations When Assigning Rights
writing privileged scripts
How to Run a Shell Script With Privileged Commands
solaris.*.assign
authorizations
preventing privilege escalation
Privilege Escalation and User Rights
solaris.admin.edit
authorization
adding to rights profile
Cloning and Enhancing the Network IPsec Management Rights Profile
solaris.smf.value
authorization
removing from rights profile
Cloning and Removing Selected Rights From a Rights Profile
Stop rights profile
Rights Profiles Reference
su
command
becoming
root
How to Change the root Role Into a User
changing to a role
Creating and Assigning a Role to Administer Cryptographic Services
in role assumption
Assuming an ARMOR Role
subshells
restricting editing rights
Preventing Guests From Spawning Editor Subprocesses
sudo
command
using in Oracle Solaris
Using Your Assigned Administrative Rights
Deciding Which Rights Model to Use for Administration
superuser
compared to rights model
Process Rights Management
User and Process Rights Provide an Alternative to the Superuser Model
differences from rights model
Administrative Differences on a System With Privileges
eliminating by delegating rights
More About Roles
troubleshooting becoming
root
as a role
Preventing the root Role From Being Used to Maintain a System
svc:/application/database/mysql:version_51
How to Lock Down the MySQL Service
svc:/network/http:Apache2
How to Assign Specific Privileges to the Apache Web Server
svc:/system/name-service/switch
How to Troubleshoot Rights Assignments
Name Service Scope and Rights Verification
SYS privileges
Privilege Descriptions
syslog.conf
file
Files That Contain Privilege Information
System Administrator rights profile
assigning to role
Distribution of Rights
description
Rights Profiles Reference
system properties
privileges relating to
Privilege Descriptions
system security
privileges
Process Rights Management
using rights
User and Process Rights Provide an Alternative to the Superuser Model
System V IPC privileges
Privilege Descriptions
Previous
Next