Solaris Internals: Solaris 10 and OpenSolaris Kernel Architecture (2nd Edition)

5.2. Least Privilege in Solaris

In this section we discuss the privilege models found in Solaris, some background that was considered when moving Least Privilege to Solaris, and the model that exists in Solaris today. In Section 5.3 we give the complete formal definition of our model and the additional features. The details of the data structure changes in the kernel, new data structures, and interfaces presented to programs and users can be found in Section 5.5.

Throughout this chapter we use the following notation:

V

logical OR

Λ

logical AND

element of

setwise union

setwise intersection

is a subset of

is a subset or equal

Ø

the empty set

B

the set of basic privileges

P

the set of all privileges

assignment

Related

Категории