Manualshelf

Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Security Products and Features Software
11121314151617181920
This capability is intended to alleviate a security issue associated with dynamic loading. The
user must have root authority to dynamically load, and a WLI administrator key must grant
dlkm capability directly or through another authorized key.
1.2.4 api
WLI permits an application to execute functions contained within the shared object library /opt/
wli/lib/libwliapi.so by granting api capability. This library provides functions to
programmatically create, delete, and update policies described in Section 1.1 (page 9). The key
signing the executable that invokes libwliapi.so functions must be granted api capability
through wlicert. The executable is not required to have api capability.
The services provided by libwliapi are also provided by the wlipolicy command to users
holding an authorized key. For an implementation example using libwliapi, see libwliapi
example” (page 45).
1.2 Capabilities 11