32 | |
Planning the | 33 |
Step 1: Planning the Roles | 33 |
Step 2: Planning Authorizations for the Roles | 33 |
Step 3: Planning Command Mappings | 34 |
34 | |
Configuring | 35 |
Step 1: Configuring Roles | 36 |
Creating Roles | 36 |
Assigning Roles to Users | 37 |
Assigning Roles to Groups | 37 |
Step 2: Configuring Authorizations | 37 |
Step 3: Configuring Additional Command Authorizations and Privileges | 38 |
Hierarchical Roles | 40 |
Overview | 40 |
Examples of Hierarchical Roles | 40 |
Changes to the authadm Command for Hierarchical Roles | 41 |
Hierarchical Roles Considerations | 41 |
Configuring | 42 |
Configuring | 43 |
Configuring | 44 |
Auditing Based on | 45 |
Procedure for Auditing | 45 |
Using | 46 |
Using the privrun Command to Run Applications with Privileges | 46 |
48 | |
Using the Privilege Shells (privsh, privksh, privcsh) to Automatically Run Commands with |
|
Privilege | 48 |
Using the privedit Command to Edit Files Under Access Control | 48 |
Customizing privrun and privedit Using the ACPS | 49 |
Troubleshooting | 50 |
The rbacdbchk Database Syntax Tool | 50 |
privrun | 50 |
4 | 51 |
Overview | 51 |
51 | |
Commands | 51 |
Manpages | 52 |
Available Privileges | 52 |
Configuring Applications with | 53 |
Privilege Model | 54 |
Compound Privileges | 54 |
Security Implications of | 55 |
Privilege Escalation | 55 |
55 | |
Troubleshooting | 55 |
5 Compartments | 57 |
Overview | 57 |
Compartment Architecture | 57 |
Default Compartment Configuration | 59 |
Planning the Compartment Structure | 59 |
4Table of Contents
