Red Hat Enterprise Linux to Oracle Solaris Porting Guide
Chapter 8 Runtime Environment
Though RHEL and Oracle Solaris are both UNIX-based operating systems, there are some fundamental
differences in their runtime environments. One such difference, which might affect applications, is the
privilege model on the two systems. Oracle Solaris uses the newer least privilege model, which gives a
process only the subset of superuser powers it has been granted, not full access to all privileges.
User and Process Privileges and Permissions
Legacy UNIX systems follow a superuser-based model: either an application is designed to run as a
"normal user" with very limited privileges, or it has to run directly as the root user with almost all
privileges. Typically, an application ported from such a legacy operating system checks for UID 0 (root)
to test for the availability of specific privileges. On Oracle Solaris, which uses the least privilege
model, a user can instead hold some of the 50 fine-grained privileges.
The Oracle Solaris least privilege model conveniently enables normal users to do things such as bind to
lower-numbered ports and start daemon processes. It also protects the system against programs that
previously ran with full root privileges even though they needed very limited access, for example, to
mount a file system. Hence, setuid root binaries and daemons that run with full root privileges on RHEL
are rarely necessary under the Oracle Solaris least privilege model.
When migrating an application from RHEL to Oracle Solaris, follow security best practice: first run
the application as a normal, least-privileged user, and then add only the privileges the process
actually needs. To determine which privilege is missing for a given application, use the debugging
functionality of ppriv in the shell, for example:
User1>/usr/bin/ppriv -D $$ // Enable ppriv debugging
User1>./my_net_application arg1 //Execute the application
my_net_application[2885]: missing privilege "net_icmpaccess" (euid = 2002,
syscall = 230) for "devpolicy" needed at so_socket+0xa4
my_net_application: icmp socket: Permission denied
User1>ppriv -N $$ //Disable ppriv debugging
From this output, it is evident that the PRIV_NET_ICMPACCESS privilege is not available to UID
2002. Once that privilege is granted, my_net_application will run successfully.
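The procedure above is easier to apply to a larger application when the debug output is collected rather than read by eye. The shell helpers below are an added example, not part of the porting guide: they extract every privilege that ppriv -D reported as missing, de-duplicate the list into the comma-separated form that ppriv -s and the defaultpriv= key of user_attr accept, and print the grant commands. The kernel writes the "missing privilege" lines to the process's controlling terminal, so the assumed workflow is to record the session with script(1) and feed the typescript to missing_privs.

```sh
#!/bin/sh
# Added helper (not from the porting guide): turn ppriv -D debug output into
# a privilege list and the commands that grant it.  Feed a recorded terminal
# session (script(1) typescript) on stdin.

# Print the missing privileges as a sorted, de-duplicated, comma-separated
# list, e.g. "net_icmpaccess,net_privaddr".
missing_privs() {
    sed -n 's/.*missing privilege "\([a-z_]*\)".*/\1/p' |
        sort -u | tr '\n' ',' | sed 's/,$//'
}

# Kernel privilege name -> PRIV_* constant used in priv.h and by ppriv -v.
priv_const() {
    printf 'PRIV_%s\n' "$1" | tr '[:lower:]' '[:upper:]'
}

# Emit the commands that would grant the privilege list $2 to user $1:
# first to the running process with PID $3 (all sets, temporary), then
# permanently via the user's defaultpriv on top of the basic set.
# The caller must itself hold the privileges it grants.
grant_commands() {
    user=$1 privs=$2 pid=$3
    printf 'ppriv -s A+%s %s\n' "$privs" "$pid"
    printf 'usermod -K defaultpriv=basic,%s %s\n' "$privs" "$user"
}
```

A typical run is `missing_privs < typescript`, followed by `grant_commands user1 "$(missing_privs < typescript)" 2885` to see the commands before deciding whether each privilege is really needed or whether the application should be changed to avoid it.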
The role-based access control (RBAC) facility in Oracle Solaris 11 gives you the opportunity to deliver
fine-grained security in new and modified applications. RBAC is an alternative to the all-or-nothing
security model of traditional superuser-based systems. With RBAC, an administrator can assign
privileged functions to specific user accounts (or special accounts called roles). RBAC can also be used