System Administration Guide: Security Services
Previous Next

Document Information

Preface

Part I Security Overview

1.  Security Services (Overview)

Part II System, File, and Device Security

2.  Managing Machine Security (Overview)

3.  Controlling Access to Systems (Tasks)

4.  Virus Scanning Service (Tasks)

5.  Controlling Access to Devices (Tasks)

6.  Using the Basic Audit Reporting Tool (Tasks)

7.  Controlling Access to Files (Tasks)

Part III Roles, Rights Profiles, and Privileges

8.  Using Roles and Privileges (Overview)

9.  Using Role-Based Access Control (Tasks)

10.  Role-Based Access Control (Reference)

11.  Privileges (Tasks)

12.  Privileges (Reference)

Administrative Commands for Handling Privileges

Files With Privilege Information

Privileges and Auditing

Prevention of Privilege Escalation

Legacy Applications and the Privilege Model

Part IV Solaris Cryptographic Services

13.  Solaris Cryptographic Framework (Overview)

14.  Solaris Cryptographic Framework (Tasks)

15.  Solaris Key Management Framework

Part V Authentication Services and Secure Communication

16.  Using Authentication Services (Tasks)

17.  Using PAM

18.  Using SASL

19.  Using Solaris Secure Shell (Tasks)

20.  Solaris Secure Shell (Reference)

Part VI Kerberos Service

21.  Introduction to the Kerberos Service

22.  Planning for the Kerberos Service

23.  Configuring the Kerberos Service (Tasks)

24.  Kerberos Error Messages and Troubleshooting

25.  Administering Kerberos Principals and Policies (Tasks)

26.  Using Kerberos Applications (Tasks)

27.  The Kerberos Service (Reference)

Part VII Solaris Auditing

28.  Solaris Auditing (Overview)

29.  Planning for Solaris Auditing

30.  Managing Solaris Auditing (Tasks)

31.  Solaris Auditing (Reference)

Glossary

Index

Files With Privilege Information

The following files contain information about privileges.

Table 12-2 Files That Contain Privilege Information

File and Man Page

Keyword

Description

/etc/security/policy.conf

policy.conf(4)

PRIV_DEFAULT

Inheritable set of privileges for the system

PRIV_LIMIT

Limit set of privileges for the system

/etc/user_attr

user_attr(4)

defaultpriv keyword in user or role's entry

Value is usually set in the Solaris Management Console GUI

Inheritable set of privileges for a user or role

limitpriv keyword in user or role's entry

Value is usually set in the Solaris Management Console GUI

Limit set of privileges for a user or role

/etc/security/exec_attr

exec_attr(4)

privs keyword in the profile's entry for the command

Policy for the command must be solaris

List of privileges that are assigned to a command in a rights profile

syslog.conf

syslog.conf(4)

System log file for debug messages

Path set in priv.debug entry

Privilege debugging log

Note - Do not edit the exec_attr and user_attr databases directly. To administer privileges, use the Solaris Management Console, or commands such as smuser. For more information, see the smc(1M) and the smuser(1M) man pages. For procedures, see Managing Privileges (Task Map).
Previous Next