dtrace_user
Privilege
The dtrace_user
privilege enables use of the profile
and syscall
providers with some caveats. You can use the following action and variables:
-
Providers –
profile
,syscall
, andfasttrap
. -
Actions –
copyin
,copyout
, andstop
. -
Variables –
execname
,copyinstr
,pid
,raise
,uregs
, andustack
.. -
Address Spaces – User
The dtrace_user
privilege provides visibility only to those processes to which the user already has permission; it does not allow any visibility into kernel state or activity. With this privilege, users may enable the syscall
provider, but the enabled probes will activate only in processes to which the user has permission. Similarly, you can enable the profile
provider, but the enabled probes will activate only in processes to which the user has permission. The profile
provider cannot be activated in the Oracle Solaris kernel.
This privilege enables the use of instrumentation that, while only allowing visibility into particular processes, can affect overall system performance. The syscall
provider has some small performance impact on every system call for every process. The profile
provider affects overall system performance by executing every time interval, similar to a real-time timer. Neither of these performance degradations severely limit the system's progress, but system administrators should consider the implications of granting a user this privilege. For information about the performance impact of the syscall
and profile
providers, see syscall Provider and profile Provider.