Specifications
Red Hat Enterprise Linux to Oracle Solaris Porting Guide
104
TABLE A-1. ORACLE SOLARIS 11 SECURITY PRIVILEGES
PRIVILEGE NAME DESCRIPTION
PRIV_SYS_RES_CONFIG Allow a process to create and delete processor sets, assign CPUs
to processor sets and override the PSET_NOESCAPE property.
Allow a process to change the operational status of CPUs in the
system using p_online(2)
. Allow a process to configure file
system quotas. Allow a process to configure resource pools and
bind processes to pools.
PRIV_SYS_RESOURCE Allow a process to exceed the resource limits imposed on it by
setrlimit(2) and setrctl(2)
.
PRIV_SYS_SUSER_COMPAT Allow a process to successfully call a third-party loadable module
that calls the kernel suser() function to check for allowed access.
This privilege exists only for third-party loadable module
compatibility and is not used by Oracle Solaris proper.
PRIV_SYS_TIME Allow a process to manipulate system time using any of the
appropriate system calls: stime(2), adjtime(2)
, and
ntp_adjtime(2).
PRIV_SYS_TRANS_LABEL Allow a process to translate labels that are not dominated by the
process's sensitivity label to and from an external string form.
This privilege is interpreted only if the system is configured with
Trusted Extensions.
PRIV_WIN_COLORMAP Allow a process to override colormap restrictions.
Allow a process to install or remove colormaps.
Allow a process to retrieve colormap cell entries allocated by other
processes.
This privilege is interpreted only if the system is configured with
Trusted Extensions.
PRIV_WIN_CONFIG Allow a process to configure or destroy resources that are
permanently retained by the X server.
Allow a process to use SetScreenSaver to set the screen saver
timeout value.
Allow a process to use ChangeHosts to modify the display access
control list.
Allow a process to use GrabServer.
Allow a process to use the SetCloseDownMode request that can
retain window, pixmap, colormap, property, cursor, font, or graphic
context resources.
This privilege is interpreted only if the system is configured with
Trusted Extensions.