priv_defs revision 2b24ab6b3865caeede9eeb9db6b83e1d89dcd1ea
168N/A * The contents of this file are subject to the terms of the 168N/A * Common Development and Distribution License (the "License"). 168N/A * You may not use this file except in compliance with the License. 168N/A * See the License for the specific language governing permissions 168N/A * and limitations under the License. 168N/A * When distributing Covered Code, include this CDDL HEADER in each 168N/A * If applicable, add the following below this CDDL HEADER, with the 168N/A * fields enclosed by brackets "[]" replaced with your own identifying 168N/A * information: Portions Copyright [yyyy] [name of copyright owner] 168N/A * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 168N/A * Use is subject to license terms. 168N/A Allows a process to open contract event endpoints belonging to 168N/A contracts created and owned by users other than the process's
privilege PRIV_FILE_OWNER Allows a process which is not the owner of a file or directory to perform the following operations that are normally permitted only for the file owner: modify that file's
access and applies to both shared address and zone-specific address MLPs. See tnzonecfg(4) from the Trusted Extensions manual pages for information on configuring MLP ports. This privilege is interpreted only if the system is configured privilege PRIV_NET_ICMPACCESS Allows a process to send and receive ICMP packets. privilege PRIV_NET_MAC_AWARE Allows a process to set NET_MAC_AWARE process flag by using setpflags(2). This privilege also allows a process to set SO_MAC_EXEMPT socket option by using setsockopt(3SOCKET). The NET_MAC_AWARE process flag and the SO_MAC_EXEMPT socket option both allow a local process to communicate with an peer's default label, or if the local process runs in the This privilege is interpreted only if the system is configured privilege PRIV_NET_OBSERVABILITY while not requiring them to need PRIV_NET_RAWACCESS. privilege PRIV_NET_PRIVADDR Allows a process to bind to a privileged port number. The privilege port numbers are 1-1023 (the traditional UNIX privileged ports) as well as those ports marked as privilege PRIV_NET_RAWACCESS Allows a process to have direct access to the network layer. unsafe privilege PRIV_PROC_AUDIT Allows a process to generate audit records. Allows a process to get its own audit pre-selection information. privilege PRIV_PROC_CHROOT Allows a process to change its root directory. privilege PRIV_PROC_CLOCK_HIGHRES Allows a process to use high resolution timers. basic privilege PRIV_PROC_EXEC Allows a process to call execve(). basic privilege PRIV_PROC_FORK Allows a process to call fork1()/forkall()/vfork() basic privilege PRIV_PROC_INFO Allows a process to examine the status of processes other than those it can send signals to. Processes which cannot be examined cannot be seen in /proc and appear not to exist. privilege PRIV_PROC_LOCK_MEMORY Allows a process to lock pages in physical memory. privilege PRIV_PROC_OWNER Allows a process to send signals to other processes, inspect and modify process state to other processes regardless of ownership. When modifying another process, additional restrictions apply: the effective privilege set of the attaching process must be a superset of the target process' has any uid set to 0 all privilege must be asserted unless the Allows a process to bind arbitrary processes to CPUs. privilege PRIV_PROC_PRIOCNTL Allows a process to elevate its priority above its current level. Allows a process to change its scheduling class to any scheduling class, basic privilege PRIV_PROC_SESSION Allows a process to send signals or trace processes outside its unsafe privilege PRIV_PROC_SETID Allows a process to set its uids at will. Assuming uid 0 requires all privileges to be asserted. privilege PRIV_PROC_TASKID Allows a process to assign a new task ID to the calling process. Allows a process to trace or send signals to processes in Allows a process to enable and disable and manage accounting through acct(2), getacct(2), putacct(2) and wracct(2). Allows a process to perform system administration tasks such as setting node and domain name and specifying nscd and coreadm Allows a process to start the (kernel) audit daemon. Allows a process to view and set audit state (audit user ID, audit terminal ID, audit sessions ID, audit pre-selection mask). Allows a process to turn off and on auditing. Allows a process to configure the audit parameters (cache and queue sizes, event to class mappings, policy options). privilege PRIV_SYS_CONFIG Allows a process to perform various system configuration tasks. Allows a process to add and remove swap devices; when adding a swap device, a process must also have sufficient privileges to read from and write to the swap device. privilege PRIV_SYS_DEVICES Allows a process to successfully call a kernel module that calls the kernel drv_priv(9F) function to check for allowed Allows a process to open the real console device directly. Allows a process to open devices that have been exclusively opened. privilege PRIV_SYS_IPC_CONFIG Allows a process to increase the size of a System V IPC Message privilege PRIV_SYS_LINKDIR Allows a process to unlink and link directories. Allows filesystem specific administrative procedures, such as Allows a process to mount and unmount filesystems which would otherwise be restricted (i.e., most filesystems except A process performing a mount operation needs to have appropriate access to the device being mounted (read-write for "rw" mounts, read for "ro" mounts). A process performing any of the aforementioned access to the mount point. Only regular files and directories can serve as mount points for processes which do not have all zone privileges asserted. Unless a process has all zone privileges, the mount(2) system call will force the "nosuid" and "restrict" options, the latter only for autofs mountpoints. Regardless of privileges, a process running in a non-global zone may only control mounts performed from within said zone. Outside the global zone, the "nodevices" option is always forced. privilege PRIV_SYS_IPTUN_CONFIG Allows a process to configure IP tunnel links. privilege PRIV_SYS_DL_CONFIG Allows a process to configure all classes of datalinks, including configuration allowed by PRIV_SYS_IPTUN_CONFIG. privilege PRIV_SYS_IP_CONFIG This privilege is interpreted only if the system is configured privilege PRIV_VIRT_MANAGE Allows a process to manage virtualized environments such as privilege PRIV_WIN_COLORMAP Allows a process to override colormap restrictions. Allows a process to install or remove colormaps. Allows a process to retrieve colormap cell entries allocated This privilege is interpreted only if the system is configured privilege PRIV_WIN_CONFIG Allows a process to configure or destroy resources that are permanently retained by the X server. Allows a process to use SetScreenSaver to set the screen Allows a process to use ChangeHosts to modify the display Allows a process to use GrabServer. Allows a process to use the SetCloseDownMode request which may retain window, pixmap, colormap, property, cursor, font, or graphic context resources. This privilege is interpreted only if the system is configured privilege PRIV_WIN_DAC_READ Allows a process to read from a window resource that it does not own (has a different user ID). This privilege is interpreted only if the system is configured privilege PRIV_WIN_DAC_WRITE Allows a process to write to or create a window resource that it does not own (has a different user ID). A newly created window property is created with the window's
user ID.
This privilege is interpreted only if the system is configured privilege PRIV_WIN_SELECTION Allows a process to request inter-window data moves without the intervention of the selection confirmer. This privilege is interpreted only if the system is configured privilege PRIV_WIN_UPGRADE_SL Allows a process to set the sensitivity label of a window resource to a sensitivity label that dominates the existing This privilege is interpreted only if the system is configured privilege PRIV_XVM_CONTROL Allows a process access to the xVM(5) control devices for managing guest domains and the hypervisor. This privilege is used only if booted into xVM on x86 platforms. Set of privileges currently in effect. Set of privileges that comes into effect on exec. Set of privileges that can be put into the effective set without Set of privileges that determines the absolute upper bound of privileges this process and its off-spring can obtain.