Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 5. Privileges and Role-Based Access Control

5. Privileges and Role-Based Access Control

Traditionally, UNIX has two levels of security: ordinary users and administrators. Administrators are all-powerful and ordinary users are not. In Solaris 10, the Solaris OS has done away with this division of power and now implements a much finer-grained scheme called “privileges,” which can be used to delegate small pieces of “superuser power” to ordinary processes and users.

Since Version 8, the Solaris OS has also implemented an administrative model that allows for finer-grained control than the traditional UNIX root model: “roles.” Solaris roles can be used to define a specific set of tasks (“profiles”) for a specific type of administrator. Using profiles, you can define “Network Administrators” or “Tape Library Administrators” and assign those profiles to roles. These roles can subsequently be assumed by administrators to perform a role-specific task. There are large benefits from using this model, as we will describe in this chapter.


  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free 10-Day Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint