xiaobailong 发表于 2005-8-11 12:56

Solaris Privileges (ZT)

Solaris 10's 48 Privilege Names (ZT)

“contract_event”        Request reliable delivery of events       
“contract_observer”        Observe contract events for other users
"cpc_cpu”        Access to per-CPU perf counters
"dtrace_kernel"        DTrace kernel tracing
"dtrace_proc"        DTrace process-level tracing
"dtrace_user"        DTrace user-level tracing
"file_chown"        Change file's owner/group IDs
"file_chown_self"         Give away (chown) files
"file_dac_execute"        Override file's execute perms
"file_dac_read"        Override file's read perms
"file_dac_search"        Override dir's search perms
"file_dac_write"        Override (non-root) file's write perms
"file_link_any"        Create hard links to diff uid files
"file_owner"        Non-owner can do misc owner ops
"file_setid"        Set uid/gid (non-root) to diff id
"ipc_dac_read"        Override read on IPC/Shared Mem perms
"ipc_dac_write"        Override write on IPC/Shared Mem perms
"ipc_owner"        Override set perms/owner on IPC
"net_icmpaccess"        Send/Receive ICMP packets
"net_privaddr"        Bind to privilege port (<1023+extras)
"net_rawaccess”        Raw access to IP
"proc_audit”        Generate audit records
"proc_chroot”        Change root (chroot)
"proc_clock_highres" Allow use of hi-res timers
"proc_exec"        Allow use of execve()
"proc_fork"        Allow use of fork*() calls
"proc_info"        Examine /proc of other processes
"proc_lock_memory"        Lock pages in physical memory
"proc_owner"        See/modify other process states
"proc_priocntl"        Increase priority/sched class
"proc_session"        Signal/trace other session process
"proc_setid"        Set process UID
"proc_taskid"        Assign new task ID
“proc_zone”        Signal/trace processes in other zones
“sys_acct”        Manage accounting system (acct)
“sys_admin        System admin tasks (e.g. domain name)
"sys_audit"        Control audit system
"sys_config"        Manage swap
"sys_devices"        Override device restricts (exclusive)
"sys_ipc_config"        Increase IPC queue
"sys_linkdir"        Link/unlink directories
"sys_mount"        Filesystem admin (mount,quota)
"sys_net_config"        Config net interfaces,routes,stack
"sys_nfs"        Bind NFS ports and use syscalls
"sys_res_config"        Admin processor sets, res pools
"sys_resource"        Modify res limits (rlimit)
"sys_suser_compat"        3rd party modules use of suser
"sys_time"        Change system time

xiaobailong 发表于 2005-8-23 20:27

顶一下,因为和Solaris Containers有关。
页: [1]
查看完整版本: Solaris Privileges (ZT)