This section highlights information for existing customers about important new features in files and file systems.
Oracle Solaris labels data and user processes for privacy. This feature provides data loss protection for directories and information that site security requires to have special protections. While labeling is always on, it does not change the behavior of the system until the administrator configures a labeling hierarchy, applies labels to particular files and directories, and enables trusted users to run labeled processes.
The –P and –H options to the recursive chmod -R command limit file permission changes across symbolic links. See How to Change File Permissions Across Symbolic Links and the chmod(1) man page.
If your site uses the account-policy stencil, files in the /etc directory that contain security attributes, such as /etc/default/login, might not reflect the security policy of the system. Rather, the values of properties in the account-policy:default service indicate the security policy of the system. When the account-policy service is enabled, changes in the files in the /etc directory likely has no effect on security policy. For more information, see Modifying Rights System-Wide As SMF Properties in Securing Users and Processes in Oracle Solaris 11.4 and the account-policy(8S) man page.