5. Process Rights Management
This chapter describes the introduction of process privileges in Solaris. Process privileges serve one main purpose: restricting processes to the privileges required to perform the task at hand and no more.
5.1. Then and Now
The traditional UNIX privilege model associates all privileges with the effective uid 0. The basic flaw of that model is the all-or-nothing approach. An application that needs a single special privilege, such as a Web server binding to the reserved port 80, a program running in the real-time scheduling class, a server to keep the clock synchronized, the NFS server, all need to run or start as root.
This traditional approach has a number ...
Get Solaris™ Internals: Solaris 10 and OpenSolaris Kernel Architecture, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
