Lines Matching refs:process
37 Allows a process to request critical events without limitation.
38 Allows a process to request reliable delivery of all events on
43 Allows a process to set the service FMRI value of a process
48 Allows a process to observe contract events generated by
49 contracts created and owned by users other than the process's
51 Allows a process to open contract event endpoints belonging to
52 contracts created and owned by users other than the process's
57 Allow a process to access per-CPU hardware performance counters.
65 Allows DTrace process-level tracing.
66 Allows process-level tracing probes to be placed and enabled in
77 Allows a process to change a file's owner user ID.
78 Allows a process to change a file's group ID to one other than
79 the process' effective group ID or one of the process'
84 Allows a process to give away its files; a process with this
90 Allows a process to execute an executable file whose permission
91 bits or ACL do not allow the process execute permission.
95 Allows a process to read a file or directory whose permission
96 bits or ACL do not allow the process read permission.
100 Allows a process to search a directory whose permission bits or
101 ACL do not allow the process search permission.
105 Allows a process to write a file or directory whose permission
106 bits or ACL do not allow the process write permission.
112 Allows a process to set the sensitivity label of a file or
120 Allows a process to set immutable, nounlink or appendonly
125 Allows a process to create hardlinks to files owned by a uid
126 different from the process' effective uid.
130 Allows a process which is not the owner of a file or directory
141 Allows a process to read objects in the filesystem.
145 Allows a process to change the ownership of a file or write to
148 Allows a process to set the set-group-ID bit on a file or
149 directory whose group is not the process' effective group or
150 one of the process' supplemental groups.
151 Allows a process to set the set-user-ID bit on a file with
158 Allows a process to set the sensitivity label of a file or
166 Allows a process to modify objects in the filesystem.
170 Allows a process to make privileged ioctls to graphics devices.
171 Typically only xserver process needs to have this privilege.
172 A process with this privilege is also allowed to perform
177 Allows a process to perform privileged mappings through a
182 Allows a process to read a System V IPC
184 permission bits do not allow the process read permission.
185 Allows a process to read remote shared memory whose
186 permission bits do not allow the process read permission.
190 Allows a process to write a System V IPC
192 permission bits do not allow the process write permission.
193 Allows a process to read remote shared memory whose
194 permission bits do not allow the process write permission.
196 and the effective uid of the current process is not 0.
200 Allows a process which is not the owner of a System
205 and the effective uid of the current process is not 0.
209 Allows a process to open a TCP, UDP, SDP or SCTP network endpoint.
213 Allow a process to bind to a port that is configured as a
214 multi-level port(MLP) for the process's zone. This privilege
223 Allows a process to send and receive ICMP packets.
227 Allows a process to set NET_MAC_AWARE process flag by using
228 setpflags(2). This privilege also allows a process to set
230 The NET_MAC_AWARE process flag and the SO_MAC_EXEMPT socket
231 option both allow a local process to communicate with an
232 unlabeled peer if the local process' label dominates the
233 peer's default label, or if the local process runs in the
240 Allows a process to set SO_MAC_IMPLICIT option by using
241 setsockopt(3SOCKET). This allows a privileged process to
248 Allows a process to access /dev/lo0 and the devices in /dev/ipnet/
253 Allows a process to bind to a privileged port
261 Allows a process to have direct access to the network layer.
265 Allows a process to generate audit records.
266 Allows a process to get its own audit pre-selection information.
270 Allows a process to change its root directory.
274 Allows a process to use high resolution timers.
278 Allows a process to call execve().
282 Allows a process to call fork1()/forkall()/vfork()
286 Allows a process to examine the status of processes other
292 Allows a process to lock pages in physical memory.
296 Allows a process to access physical memory information.
300 Allows a process to send signals to other processes, inspect
301 and modify process state to other processes regardless of
302 ownership. When modifying another process, additional
304 attaching process must be a superset of the target process'
306 be a superset of the target's limit set; if the target process
309 Allows a process to bind arbitrary processes to CPUs.
313 Allows a process to elevate its priority above its current level.
318 Allows a process to change its scheduling class to any scheduling class,
323 Allows a process to manipulate the secflags of processes (subject to,
324 additionally, the ability to signal that process)
328 Allows a process to send signals or trace processes outside its
333 Allows a process to set its uids at will.
338 Allows a process to assign a new task ID to the calling process.
342 Allows a process to trace or send signals to processes in
347 Allows a process to enable and disable and manage accounting through
352 Allows a process to perform system administration tasks such
358 Allows a process to start the (kernel) audit daemon.
359 Allows a process to view and set audit state (audit user ID,
361 Allows a process to turn off and on auditing.
362 Allows a process to configure the audit parameters (cache and
367 Allows a process to perform various system configuration tasks.
368 Allows a process to add and remove swap devices; when adding a swap
369 device, a process must also have sufficient privileges to read from
374 Allows a process to successfully call a kernel module that
377 Allows a process to open the real console device directly.
378 Allows a process to open devices that have been exclusively opened.
382 Allows a process to increase the size of a System V IPC Message
387 Allows a process to unlink and link directories.
394 Allows a process to mount and unmount filesystems which would
397 A process performing a mount operation needs to have
400 A process performing any of the aforementioned
405 Unless a process has all zone privileges, the mount(2)
408 Regardless of privileges, a process running in a non-global zone may
414 Allows a process to configure IP tunnel links.
418 Allows a process to configure all classes of datalinks, including
423 Allows a process to configure a system's IP interfaces and routes.
424 Allows a process to configure network parameters using ndd.
425 Allows a process access to otherwise restricted information using ndd.
426 Allows a process to configure IPsec.
427 Allows a process to pop anchored STREAMs modules with matching zoneid.
433 Allows a process to push the rpcmod STREAMs module.
434 Allows a process to INSERT/REMOVE STREAMs modules on locations other
439 Allows a process to perform Sun private NFS specific system calls.
440 Allows a process to bind to ports reserved by NFS: ports 2049 (nfs)
445 Allows a process to create and destroy PPP (sppp) interfaces.
446 Allows a process to configure PPP tunnels (sppptun).
450 Allows a process to bind processes to processor sets.
455 Allows a process to create and delete processor sets, assign
457 Allows a process to change the operational status of CPUs in
459 Allows a process to configure resource pools and to bind
464 Allows a process to modify the resource limits specified
466 Allows a process to exceed the per-user maximum number of
468 Allows a process to extend or create files on a filesystem that
473 Allows a process to access the Sun private SMB kernel module.
474 Allows a process to bind to ports reserved by NetBIOS and SMB:
480 Allows a process to successfully call a third party loadable module
487 Allows a process to manipulate system time using any of the
493 Allows a process to translate labels that are not dominated
494 by the process' sensitivity label to and from an external
501 Allows a process to manage virtualized environments such as
506 Allows a process to override colormap restrictions.
507 Allows a process to install or remove colormaps.
508 Allows a process to retrieve colormap cell entries allocated
515 Allows a process to configure or destroy resources that are
517 Allows a process to use SetScreenSaver to set the screen
519 Allows a process to use ChangeHosts to modify the display
521 Allows a process to use GrabServer.
522 Allows a process to use the SetCloseDownMode request which
530 Allows a process to read from a window resource that it does
537 Allows a process to write to or create a window resource that
545 Allows a process to perform operations on window input devices.
546 Allows a process to get and set keyboard and pointer controls.
547 Allows a process to modify pointer button and key mappings.
553 Allows a process to use the direct graphics access (DGA) X protocol
554 extensions. Direct process access to the frame buffer is still
555 required. Thus the process must have MAC and DAC privileges that
557 allocated to the process.
563 Allows a process to set the sensitivity label of a window resource
571 Allows a process to set a font path.
577 Allows a process to read from a window resource whose sensitivity
578 label is not equal to the process sensitivity label.
584 Allows a process to create a window resource whose sensitivity
585 label is not equal to the process sensitivity label.
593 Allows a process to request inter-window data moves without the
600 Allows a process to set the sensitivity label of a window
608 Allows a process access to the xVM(5) control devices for
628 privileges this process and its off-spring can obtain.