What's New in Files and File Systems in Oracle Solaris 11.4

This section highlights information for existing customers about important new features in files and file systems.

• Oracle Solaris labels data and user processes for privacy. This feature provides data loss protection for directories and information that site security requires to have special protections. While labeling is always on, it does not change the behavior of the system until the administrator configures a labeling hierarchy, applies labels to particular files and directories, and enables trusted users to run labeled processes.

  For more information, see Labeling Files for Data Loss Protection and Chapter 6, Labeling Processes for Data Loss Protection in Securing Users and Processes in Oracle Solaris 11.4.

• The -P and -H options to the recursive chmod -R command limit file permission changes across symbolic links. See How to Change File Permissions Across Symbolic Links and the chmod(1) man page.

• If your site uses the account-policy stencil, files in the /etc directory that contain security attributes, such as /etc/default/login, might not reflect the security policy of the system. Rather, the values of properties in the account-policy:default service indicate the security policy of the system. When the account-policy service is enabled, changes in the files in the /etc directory likely has no effect on security policy. For more information, see Modifying Rights System-Wide As SMF Properties in Securing Users and Processes in Oracle Solaris 11.4 and the account-policy(8S) man page.

• Includes storage for per-user content in private file-system directories in the /var/share/user and /tmp/volatile-user directories. For more information, see the filesystem(7) man page.