privileges.5 (2011 09)
p
privileges(5) privileges(5)
pstat_shminfo()
PRIV_COMMALLOWED
pstat_socket()
PRIV_COMMALLOWED, PRIV_OWNER
pstat_stream()
PRIV_COMMALLOWED, PRIV_OWNER
Privileges for Security Containment
Some commands related to Security Containment make use of certain privileges that are not used in
other contexts:
setfilexsec PRIV_CHANGEFILEXSEC, PRIV_CMPTREAD , PRIV_CMPTWRITE,
PRIV_DACREAD , PRIV_DACWRITE
setrules PRIV_RULESCONFIG
Additionally, some library calls related to Security Containment make use of security specific privileges:
cmpt_change() PRIV_CHANGECMPT
cmpt_get() PRIV_COMMALLOWED
cmpt_get_addrcid()
PRIV_RULESCONFIG
cmpt_get_ifcid()
PRIV_RULESCONFIG
priv_get() PRIV_COMMALLOWED
privset_get() PRIV_COMMALLOWED
Privileges for System Calls
The following table lists system calls and the privileges they may need. Some of these are dependent on
what system object they are acting on (for example, files in another compartment), the state of the system
(for example, if the maximum number of open files has been reached), or other conditions.
__pset_rtctl() PRIV_PSET , PRIV_RTPSET
accept() PRIV_LIMIT
access() PRIV_CMPTREAD , PRIV_CMPTWRITE, PRIV_DACREAD ,
PRIV_DACWRITE
acct() PRIV_ACCOUNTING
acl() PRIV_CMPTREAD , PRIV_CMPTWRITE, PRIV_DACREAD ,
PRIV_DACWRITE , PRIV_OWNER
adjtime() PRIV_SYSATTR or PRIV_CORESYSATTR
audctl() PRIV_AUDCONTROL
audswitch() PRIV_SELFAUDIT
audtag() PRIV_SELFAUDIT
audwrite() PRIV_SELFAUDIT
bind() PRIV_NETPRIVPORT
chdir() PRIV_CMPTREAD , PRIV_CMPTWRITE, PRIV_DACREAD ,
PRIV_DACWRITE
chmod() PRIV_CMPTREAD , PRIV_DACREAD , PRIV_OWNER
chown() PRIV_CHOWN , PRIV_CMPTREAD, PRIV_DACREAD , PRIV_OWNER
chroot() PRIV_CHROOT , PRIV_CMPTREAD, PRIV_DACREAD
clock_settime() PRIV_SYSATTR or PRIV_CORESYSATTR
connect() PRIV_COMMALLOWED
crashconf() PRIV_DEVOPS
creat() PRIV_CMPTREAD , PRIV_CMPTWRITE, PRIV_DACREAD ,
PRIV_DACWRITE , PRIV_LIMIT , PRIV_OBJSUID , PRIV_OWNER
dup() PRIV_LIMIT
8 Hewlett-Packard Company − 8 − HP-UX 11i Version 3: September 2011