File Formats exec_attr(4)
NAME
exec_attr - execution profiles database
SYNOPSIS
/etc/security/exec_attr
DESCRIPTION
/etc/security/exec_attr is a local database that specifies
the execution attributes associated with profiles. The
exec_attr file can be used with other sources for execution
profiles, including the exec_attr NIS map and NIS+ table.
Programs use the getexecattr(3SECDB) routines to access this
information.
The search order for multiple execution profile sources is
specified in the /etc/nsswitch.conf file, as described in
the nsswitch.conf(4) man page. The search order follows the
entry for prof_attr(4).
A profile is a logical grouping of authorizations and
commands that is interpreted by a profile shell to form a
secure execution environment. The shells that interpret
profiles are pfcsh, pfksh, and pfsh. See the pfsh(1) man page.
Each user's account is assigned zero or more profiles in the
user_attr(4) database file.
Each entry in the exec_attr database consists of one line of
text containing seven fields separated by colons (:). Line
continuations using the backslash (\) character are
permitted. The basic format of each entry is:
name:policy:type:res1:res2:id:attr
name
The name of the profile. Profile names are case-
sensitive.
policy
The security policy that is associated with the profile
entry. The valid policies are suser (standard Solaris
superuser) and solaris. The solaris policy recognizes
privileges (see privileges(5)); the suser policy does
not.
The solaris and suser policies can coexist in the same
exec_attr database, so that Solaris releases prior to
the current release can use the suser policy and the
current Solaris release can use a solaris policy.
SunOS 5.10 Last change: 25 July 2006 1
solaris is a superset of suser; it allows you to specify
privileges in addition to UIDs. Policies that are
specific to the current release of Solaris or that
contain privileges should use solaris. Policies that use
UIDs only or that are not specific to the current
Solaris release should use suser.
type
The type of object defined in the profile. There are two
valid types: cmd and act. The cmd type specifies that
the ID field is a command that would be executed by a
shell. The act type is available only if the system is
configured with Trusted Extensions. It specifies that
the ID field is a CDE action that should be executed by
the Trusted Extensions CDE action mechanism.
res1
Reserved for future use.
res2
Reserved for future use.
id
A string that uniquely identifies the object described
by the profile. For a profile of type cmd, the id is
either the full path to the command or the asterisk (*)
symbol, which is used to allow all commands. An asterisk
that replaces the filename component in a pathname
indicates all files in a particular directory.
To specify arguments, the pathname should point to a
shell script that is written to execute the command with
the desired argument. In a Bourne shell, the effective
UID is reset to the real UID of the process when the
effective UID is less than 100 and not equal to the real
UID. Depending on the euid and egid values, Bourne shell
limitations might make other shells preferable. To
prevent the effective UIDs from being reset to real
UIDs, you can start the script with the -p option.
#!/bin/sh -p
If the Trusted Extensions feature is configured and the
profile entry type is act, the ID is either the fully
qualified name of a CDE action, or an asterisk (*)
representing a wildcard. A fully qualified CDE action is
specified using the action name and four additional
semicolon-separated fields. These fields can be empty
but the semicolons are required.
argclass
Specifies the argument class (for example, FILE or
SESSION). Corresponds to ARG_CLASS for CDE actions.
argtype
Specifies the data type for the argument.
Corresponds to ARG_TYPE for CDE actions.
argmode
Specifies the read or write mode for the argument.
Corresponds to ARG_MODE for CDE actions.
argcount
Specifies the number of arguments that the action
can accept. Corresponds to ARG_COUNT for CDE actions.
attr
An optional list of semicolon-separated (;) key-value
pairs that describe the security attributes to apply to
the object upon execution. Zero or more keys may be
specified. The list of valid key words depends on the
policy enforced. The following key words are valid:
euid, uid, egid, gid, privs, and limitprivs.
euid and uid contain a single user name or a numeric
user ID. Commands designated with euid run with the
effective UID indicated, which is similar to setting the
setuid bit on an executable file. Commands designated
with uid run with both the real and effective UIDs.
Setting uid may be more appropriate than setting the euid
on privileged shell scripts.
egid and gid contain a single group name or a numeric
group ID. Commands designated with egid run with the
effective GID indicated, which is similar to setting the
setgid bit on a file. Commands designated with gid run
with both the real and effective GIDs. Setting gid may
be more appropriate than setting egid on privileged
shell scripts.
privs contains a privilege set which will be added to
the inheritable set prior to running the command.
limitprivs contains a privilege set which will be
assigned to the limit set prior to running the command.
privs and limitprivs are only valid for the solaris
policy.
EXAMPLES
Example 1: Using Effective User ID
The following example shows the audit command specified in
the Audit Control profile to execute with an effective user
ID of root (0):
Audit Control:suser:cmd:::/usr/sbin/audit:euid=0
FILES
/etc/nsswitch.conf
/etc/user_attr
/etc/security/exec_attr
ATTRIBUTES
See attributes(5) for descriptions of the following
attributes:
____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Availability | SUNWcsr |
|_____________________________|_____________________________|
| Interface Stability | See below |
|_____________________________|_____________________________|
The command-line syntax is evolving. The output is unstable.
CAVEATS
When deciding which authorization source to use (see
DESCRIPTION), keep in mind that NIS+ provides stronger
authentication than NIS.
Because the list of legal keys is likely to expand, any code
that parses this database must be written to ignore unknown
key-value pairs without error. When any new keywords are
created, the names should be prefixed with a unique string,
such as the company's stock symbol, to avoid potential
naming conflicts.
The following characters are used in describing the database
format and must be escaped with a backslash if used as data:
colon (:), semicolon (;), equals (=), and backslash (\).
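The format rules above (seven colon-separated fields, backslash line continuation, the escaping rule just stated, the attr field of semicolon-separated key=value pairs, the requirement that parsers ignore unknown keys without error, the restriction of privs and limitprivs to the solaris policy, and the asterisk rules for the id of a cmd entry) can be exercised with a small parser and lookup. The following is an added example written for this page; it is not Solaris code and not the getexecattr(3SECDB) implementation. The function names, the second and third sample entries, and the treatment of lines starting with '#' as comments are assumptions of the example; the first sample line is the man page's own example entry.

```python
# Parser and lookup helper for exec_attr(4) entries: an added example, not Solaris code.
# Skipping '#' comment lines is this example's assumption; the page does not specify it.
from collections import namedtuple

VALID_POLICIES = {"suser", "solaris"}
VALID_TYPES = {"cmd", "act"}
KNOWN_KEYS = {"euid", "uid", "egid", "gid", "privs", "limitprivs"}
SOLARIS_ONLY_KEYS = {"privs", "limitprivs"}          # rejected under the suser policy

ExecAttr = namedtuple("ExecAttr", "name policy type res1 res2 id attr")

def _join_continuations(text):
    """Merge a line ending in an unescaped backslash with the line after it."""
    lines, buf = [], ""
    for raw in text.splitlines():
        buf += raw
        if (len(raw) - len(raw.rstrip("\\"))) % 2:     # odd run: the last '\' continues
            buf = buf[:-1]
        else:
            lines.append(buf)
            buf = ""
    return lines + ([buf] if buf else [])

def _split(s, sep, unescape=False):
    """Split on unescaped sep; keep escapes unless unescape=True so inner splits see them."""
    parts, cur, i = [], [], 0
    while i < len(s):
        if s[i] == "\\" and i + 1 < len(s):
            cur.append(s[i + 1] if unescape else s[i:i + 2])
            i += 2
        elif s[i] == sep:
            parts.append("".join(cur))
            cur, i = [], i + 1
        else:
            cur.append(s[i])
            i += 1
    parts.append("".join(cur))
    return parts

def _unescape(s):
    return _split(s, None, unescape=True)[0]

def parse_entry(line):
    """Parse one logical line into an ExecAttr; ValueError on malformed input."""
    fields = _split(line, ":")
    if len(fields) != 7:
        raise ValueError(f"expected 7 fields, got {len(fields)}: {line!r}")
    name, policy, typ, res1, res2, obj_id = (_unescape(f) for f in fields[:6])
    if policy not in VALID_POLICIES or typ not in VALID_TYPES:
        raise ValueError(f"bad policy/type in {line!r}")
    attrs = {}
    for kv in _split(fields[6], ";"):
        if not kv:
            continue                      # zero pairs, or a trailing ';'
        key, *rest = _split(kv, "=")
        if not rest:
            raise ValueError(f"attr {kv!r} has no '='")
        key = _unescape(key)
        if key not in KNOWN_KEYS:
            continue                      # CAVEATS: unknown keys are ignored, not errors
        if key in SOLARIS_ONLY_KEYS and policy != "solaris":
            raise ValueError(f"{key} is only valid for the solaris policy")
        attrs[key] = _unescape("=".join(rest))
    return ExecAttr(name, policy, typ, res1, res2, obj_id, attrs)

def parse_exec_attr(text):
    """Parse a whole exec_attr file body into a list of ExecAttr entries."""
    return [parse_entry(ln) for ln in _join_continuations(text)
            if ln.strip() and not ln.startswith("#")]

def is_valid_entry(line):
    try:
        return parse_entry(line) is not None
    except ValueError:
        return False

def id_matches(entry_id, path):
    """cmd id rules: '*' covers all commands, 'dir/*' the files directly in dir, else exact."""
    if entry_id.endswith("/*"):
        d = entry_id[:-2]
        return path.startswith(d + "/") and "/" not in path[len(d) + 1:]
    return entry_id == "*" or entry_id == path

def find_exec_attr(entries, profile, path):
    """First cmd entry of `profile` whose id covers `path`; None if the profile lacks it."""
    for e in entries:
        if e.name == profile and e.type == "cmd" and id_matches(e.id, path):
            return e
    return None

# Constructed sample input; only the first line is the man page's own example entry.
SAMPLE = """\
Audit Control:suser:cmd:::/usr/sbin/audit:euid=0
Printer Management:solaris:cmd:::/usr/lib/lp/*:uid=lp;privs=file_dac_read
Example Wrapper:suser:cmd:::/opt/local/bin/odd\\:name:uid=0;\\
x_acme_note=value\\;with\\;semicolons;egid=0
"""
ENTRIES = parse_exec_attr(SAMPLE)
```

Escapes are deliberately left in place while splitting on colons and again on semicolons, and resolved only at the leaf values; unescaping earlier would turn an escaped semicolon inside a value back into a separator. The third sample entry shows a continuation line, an escaped colon in the id, an unknown vendor-prefixed key that is skipped as CAVEATS requires, and escaped semicolons inside a value; a privs key on a suser entry is rejected as the attr description requires.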
SEE ALSO
auths(1), dtaction(1), profiles(1), roles(1), sh(1),
makedbm(1M), getauthattr(3SECDB), getauusernam(3BSM),
getexecattr(3SECDB), getprofattr(3SECDB),
getuserattr(3SECDB), kva_match(3SECDB), auth_attr(4),
prof_attr(4), user_attr(4), attributes(5), privileges(5)
Man(1) output converted with
man2html and wrapped by fishsponge
This page was generated on Wed Sep 12 11:27:22 GMT 2007