5Privileges and Role-Based Access Control

Traditionally, UNIX has two levels of security: ordinary users and administrators. Administrators are all-powerful and ordinary users are not. In Solaris 10, the Solaris OS has done away with this division of power and now implements a much finer-grained scheme called “privileges“, which can be used to delegate small pieces of “superuser power” to ordinary processes and users.

Since Version 8, the Solaris OS has also implemented an administrative model that allows for finer-grained control than the traditional UNIX root model: “roles.“ Solaris roles can be used to define a specific set of tasks (“profiles”) for a specific type of administrator. Using profiles, you can define “Network Administrators” ...

Get Solaris™ 10 Security Essentials now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.