HP-UX Secure Resource Partitions (SRP) A.02.01 Administrator's Guide
97
**********************************************************************
*/
/*
**********************************************************************
* privileges
**********************************************************************
*/
disallowed privileges none
/*
**********************************************************************
* ipc/fifo/uxsock to init compatment
**********************************************************************
*/
access ipc, fifo, uxsock init
/*
**********************************************************************
* by default gives users read permission unless otherwise granted
**********************************************************************
*/
perm read /
/*
**********************************************************************
* full access directories for application compartments
**********************************************************************
*/
perm all /dev
perm all /etc
perm all /home
perm all /net
perm all /tmp
perm all /var
/*
**********************************************************************
* read-only to system binary libraries, and kernel
**********************************************************************
*/
perm read /usr
perm read /sbin
perm read /opt
perm read /stand
/*
**********************************************************************
* narrow down on /dev:
**********************************************************************
*/
perm none /dev/kmem // kernel memory
perm read /dev/dsk // disks
perm read /dev/rdsk
perm read /dev/disk
perm read /dev/rdisk
perm read /dev/root
perm read /dev/klog
perm read /dev/kevm