The procedures and examples in this section restrict login attempts, limit the rights of regular users, or remove some administrative rights from an administrator. They show how to modify users, roles, and rights profiles. For information about rights, see About Using Rights to Control Users and Processes.
Require users to supply a one-time password (OTP) – Task Map: Using OTP in Oracle Solaris in Managing Authentication in Oracle Solaris 11.4
Provide stronger default file permissions for a user
Limit consecutive unsuccessful login attempts
Remove limit privileges from a user – Example 24, Removing Privileges From a User's Limit Set
Remove basic privileges from your own shell process – Example 25, Removing a Basic Privilege From Yourself
Prevent user processes from spawning subprocesses – Example 26, Preventing Guests From Spawning Editor Subprocesses
Create a restricted editor for guests – Example 26, Preventing Guests From Spawning Editor Subprocesses
Assign the restricted editor to a public system –
Remove rights by using a rights profile – Example 30, Removing Basic Privileges From a Rights Profile
Restrict an administrator to explicitly assigned rights – Example 31, Restricting an Administrator to Explicitly Assigned Rights
Prevent applications from creating subprocesses – Example 32, Preventing Selected Applications From Spawning New Processes
Remove rights from all users of a system
Create a system for restricted use –
Qualify attributes in LDAP by user, role, system, or set of systems – Example 33, Qualifying Where and When LDAP Users and Roles Can Use Their Rights and user_attr(5) man page
Limit user access to system by time or location – Example 33, Qualifying Where and When LDAP Users and Roles Can Use Their Rights
Remove an authorization from a user – Example 52, Testing Then Removing an Assigned Authorization
Remove a role assignment from a user – Example 55, Preventing the root Role From Being Used to Maintain a System