Securing Files and Verifying File Integrity in Oracle® Solaris 11.4

Updated: August 2018
 
 

File Security Glossary

Access Control List (ACL)

A list associated with a file that contains information about which users or groups have permission to access or modify the file. An access control list (ACL) provides finer-grained file security than traditional UNIX file protection provides. For example, an ACL enables you to allow group read access to a file, while allowing only one member of that group to write to the file.

classification

The hierarchical component of a clearance or a label. A classification indicates a hierarchical level of security, for example, RESTRICTED or PUBLIC.

compartment

A nonhierarchical component of a label that is used with the classification component to form a clearance or a label. A compartment represents a collection of information, such as would be used by an engineering department or a multidisciplinary project team.

clearance

The upper limit of the set of labels at which a user can work. The lower limit is the minimum label that is assigned by the security administrator.

label

A security identifier that is assigned to an object. The label is based on the level at which the information in that object should be protected. Labels are defined in the label_encodings file.

label_encodings file

The label configuration file that defines the label hierarchy, the default user clearance, and other aspects of labels.

minimum label

The lower bound of a user's labels and the lower bound of the system's labels. The minimum label is the label of the user's processes at login. The sensitivity label that is specified in the minimum label field by the security administrator in the label_encodings file sets the lower bound for the system.

policy

Generally, a plan or course of action that influences or determines decisions and actions. For computer systems, policy typically means security policy. Your site's security policy is the set of rules that define the sensitivity of the information that is being processed and the measures that are used to protect the information from unauthorized access. For example, security policy might require that home directories be encrypted.

privilege

1. In general, a power or capability to perform an operation on a computer system that is beyond the powers of a regular user. A privileged user or privileged application is a user or application that has been granted additional rights.

2. A discrete right on a process in an Oracle Solaris system. Privileges offer a finer-grained control of processes than does root. Privileges are defined and enforced in the kernel. For a full description of privileges, see the privileges(7) man page.

privilege model

A stricter model of security on a computer system than the superuser model. In the privilege model, processes require privilege to run. Administration of the system can be divided into discrete parts that are based on the privileges that administrators have in their processes. Privileges can be assigned to an administrator's login process. Or, privileges can be assigned to be in effect for certain commands only.

privileged user

A user who you have decided can perform administrative tasks at some level of trust.

public object

A file that is owned by the root user and readable by the world, such as any file in the /etc directory.

rights

An alternative to the all-or-nothing superuser model. User rights management and process rights management enable an organization to divide up superuser's privileges and assign them to users or roles. Rights in Oracle Solaris are implemented as kernel privileges, authorizations, and the ability to run a process as a specific UID or GID. Rights can be collected in a rights profile and a role.

rights profile

Also referred to as a profile. A collection of security overrides that enable regular users to perform privileged actions.

role

A special identity for running privileged applications that only assigned users can assume.

security attributes

Overrides to security policy that enable an administrative command to succeed when the command is run by a user other than superuser. In the superuser model, the setuid root and setgid programs are security attributes. When these attributes are applied to a command, the command succeeds no matter who runs the command. In the privilege model, kernel privileges and other rights replace setuid root programs as security attributes. The privilege model is compatible with the superuser model, in that the privilege model also recognizes the setuid and setgid programs as security attributes.

security policy

See policy.