Protecting and Modifying Files
By default, only the root role can modify system file permissions. Roles and users who are assigned the solaris.admin.edit/path-to-system-file authorization can modify that system-file. Only the root role can search for all files.
Table 5 Protecting and Modifying Files Task Map
| | |
Configure restrictive file permissions for regular users.
| Sets a more restrictive value than 022 for file permissions
for regular users.
|
|
Specify ACLs to protect files at a finer granularity than regular UNIX file permissions.
|
Extended security attributes can be useful in protecting files.
|
|
Specify an ACL to prevent the deletion of critical files,
such as Oracle database logs.
|
Sets the nounlink property on a file or
directory so that the rm command fails even
when run by the root role.
|
|
Maintain system file integrity.
| Finds suspicious files through a script or by using BART.
|
|
|