P

-p option

auditrecord command, How to Display Audit Record Definitions

bart create, How to Compare Manifests for the Same System Over Time

cryptoadm command

How to Prevent the Use of a User-Level Mechanism

How to Prevent the Use of a Kernel Software Provider

logins command, How to Display Users Without Passwords

packet transfers

firewall security, Firewall Systems

packet smashing, Encryption and Firewall Systems

PAM

adding a module, How to Add a PAM Module

configuration file

Kerberos and, Kerberos Files

configuration files

control flags, How PAM Stacking Works

introduction, PAM Configuration (Reference)

stacking, How PAM Stacking Works

syntax, PAM Configuration File Syntax

/etc/rsyslog.conf file, How to Log PAM Error Reports

/etc/syslog.conf file, How to Log PAM Error Reports

framework, Introduction to the PAM Framework

Kerberos and, Kerberos Components

overview, PAM (Overview)

planning, Planning for Your PAM Implementation

stack to cache authentication, How to Use Your Assigned Administrative Rights

stacking

diagrams, How PAM Stacking Works

example, PAM Stacking Example

explained, How PAM Stacking Works

task map, PAM (Tasks)

pam.conf file, See PAM configuration files

PAM configuration file, adding su stack, How to Use Your Assigned Administrative Rights

PAM modules, How to Use Your Assigned Administrative Rights

pam_roles command, description, Commands That Manage RBAC

pam_tty_tickets.so.1 module, PAM, How to Use Your Assigned Administrative Rights

PAMServiceName keyword, sshd_config file, Keywords in Secure Shell

PAMServicePrefix keyword, sshd_config file, Keywords in Secure Shell

panels, table of SEAM Tool, SEAM Tool Panel Descriptions

passphrases

changing for Secure Shell, How to Change the Passphrase for a Secure Shell Private Key

encrypt command, How to Encrypt and Decrypt a File

example, How to Log In to a Remote Host With Secure Shell

generating in KMF, How to Generate a Passphrase by Using the pktool setpin Command

mac command, How to Compute a MAC of a File

storing safely, How to Encrypt and Decrypt a File

using for MAC, How to Compute a MAC of a File

using in Secure Shell, How to Reduce Password Prompts in Secure Shell

PASSREQ in Secure Shell, Secure Shell and Login Environment Variables

passwd command

and kpasswd command, Changing Your Password

and naming services, Managing Password Information

changing password of role, How to Change the Password of a Role

syntax, How to Change the root Password

password authentication, Secure Shell, Secure Shell Authentication

PasswordAuthentication keyword, Secure Shell, Keywords in Secure Shell

passwords

authentication in Secure Shell, Secure Shell Authentication

changing role password, How to Change the Password of a Role

changing with kpasswd command, Changing Your Password

changing with passwd -r command, Managing Password Information

changing with passwd command, Changing Your Password

constraining encryption algorithms in heterogeneous environment, How to Specify an Algorithm for Password Encryption

displaying users with no passwords, How to Display Users Without Passwords

eliminating in Secure Shell, How to Reduce Password Prompts in Secure Shell

encryption algorithms, Password Encryption

finding users with no passwords, How to Display Users Without Passwords

granting access without revealing, Granting Access to Your Account

hardware access and, How to Require a Password for SPARC Hardware Access

LDAP, Managing Password Information

specifying new password algorithm, How to Specify a New Password Algorithm for an LDAP Domain

local, Managing Password Information

login security

Maintaining Login Control

Maintaining Login Control

Managing Password Information

managing, Kerberos Password Management

modifying a principal's password, How to Modify a Kerberos Principal

NIS, Managing Password Information

specifying new password algorithm, How to Specify a New Password Algorithm for an NIS Domain

policies and, Changing Your Password

PROM security mode

Maintaining Physical Security

Controlling Access to System Hardware (Tasks)

protecting

keystore, How to Export a Certificate and Private Key in PKCS #12 Format

PKCS #12 file, How to Export a Certificate and Private Key in PKCS #12 Format

requiring for hardware access, How to Require a Password for SPARC Hardware Access

secret-key decryption for Secure RPC, Implementation of Diffie-Hellman Authentication

specifying algorithm, How to Specify an Algorithm for Password Encryption

in naming services, How to Specify a New Password Algorithm for an NIS Domain

locally, Changing the Default Algorithm for Password Encryption (Tasks)

suggestions on choosing, Advice on Choosing a Password

system logins, Managing Password Information

task map, Securing Logins and Passwords (Task Map)

UNIX and Kerberos, Kerberos Password Management

using Blowfish in heterogeneous environment, How to Specify an Algorithm for Password Encryption

using MD5 encryption algorithm for, How to Specify an Algorithm for Password Encryption

using new algorithm, How to Specify an Algorithm for Password Encryption

using user's to assume role

How to Reorder Assigned Security Attributes

How to Enable a User to Use Own Password to Assume a Role

path_attr audit token, path_attr Token

path audit policy, description, Understanding Audit Policy

path audit token, format, path Token

PATH environment variable

and security, Setting the PATH Variable

setting, Setting the PATH Variable

PATH in Secure Shell, Secure Shell and Login Environment Variables

permanent audit policy, configured audit policy, How to Change Audit Policy

permissions

ACLs and, Using Access Control Lists

changing file permissions

absolute mode

File Permission Modes

How to Change File Permissions in Absolute Mode

chmod command, Commands for Viewing and Securing Files

symbolic mode

File Permission Modes

File Permission Modes

How to Change File Permissions in Symbolic Mode

How to Change File Permissions in Symbolic Mode

defaults, Default umask Value

directory permissions, UNIX File Permissions

file permissions

absolute mode

File Permission Modes

How to Change File Permissions in Absolute Mode

changing

File Permission Modes

How to Change File Permissions in Symbolic Mode

description, UNIX File Permissions

special permissions

Sticky Bit

File Permission Modes

symbolic mode

File Permission Modes

File Permission Modes

How to Change File Permissions in Symbolic Mode

How to Change File Permissions in Symbolic Mode

finding files with setuid permissions, How to Find Files With Special File Permissions

setgid permissions

absolute mode

File Permission Modes

How to Change Special File Permissions in Absolute Mode

description, setgid Permission

symbolic mode, File Permission Modes

setuid permissions

absolute mode

File Permission Modes

How to Change Special File Permissions in Absolute Mode

description, setuid Permission

security risks, setuid Permission

symbolic mode, File Permission Modes

special file permissions

Special File Permissions (setuid, setgid and Sticky Bit)

Sticky Bit

File Permission Modes

sticky bit, Sticky Bit

UFS ACLs and, Using Access Control Lists to Protect UFS Files

umask value, Default umask Value

user classes and, File and Directory Ownership

PermitEmptyPasswords keyword, sshd_config file, Keywords in Secure Shell

PermitRootLogin keyword, sshd_config file, Keywords in Secure Shell

permitted privilege set, How Privileges Are Implemented

PermitUserEnvironment keyword, sshd_config file, Keywords in Secure Shell

perzone audit policy

description, Understanding Audit Policy

setting, How to Change Audit Policy

using

How to Plan Auditing in Zones

How to Configure Per-Zone Auditing

Auditing and Oracle Solaris Zones

when to use, Auditing on a System With Oracle Solaris Zones

pfcsh command, description, Profile Shells and RBAC

pfedit command, description, Commands That Manage RBAC

pfexec command, description, Commands That Manage RBAC

pfksh command, description, Profile Shells and RBAC

pfsh command, description, Profile Shells and RBAC

physical security, description, Maintaining Physical Security

PidFile keyword, Secure Shell, Keywords in Secure Shell

PKCS #10 CSR, use, How to Sign a Certificate Request by Using the pktool signcsr Command

PKCS #11 library

adding provider library, How to Add a Software Provider

in Cryptographic Framework, Introduction to the Cryptographic Framework

PKCS #11 softtokens, managing keystore, KMF Keystore Management

PKCS #12 files, protecting, How to Export a Certificate and Private Key in PKCS #12 Format

pkcs11_kernel.so user-level provider, How to List Available Providers

pkcs11_softtoken.so user-level provider, How to List Available Providers

PKI

managed by KMF, Managing Public Key Technologies (Overview)

policy managed by KMF, KMF Policy Management

pktool command

creating self-signed certificate, How to Create a Certificate by Using the pktool gencert Command

export subcommand, How to Export a Certificate and Private Key in PKCS #12 Format

gencert subcommand, How to Create a Certificate by Using the pktool gencert Command

generating key pairs, How to Generate a Key Pair by Using the pktool genkeypair Command

generating secret keys, How to Generate a Symmetric Key by Using the pktool Command

import subcommand, How to Import a Certificate Into Your Keystore

list subcommand, How to Create a Certificate by Using the pktool gencert Command

managing PKI objects, Managing Public Key Technologies (Overview)

setpin subcommand, How to Generate a Passphrase by Using the pktool setpin Command

signing PKCS #10 CSR, How to Sign a Certificate Request by Using the pktool signcsr Command

plain.so.1 plug-in, SASL and, SASL Plug-ins

planning

auditing, Planning Auditing (Tasks)

auditing in zones, How to Plan Auditing in Zones

Kerberos

client and service principal names, Client and Service Principal Names

clock synchronization, Clock Synchronization Within a Realm

configuration decisions, Planning for the Kerberos Service

database propagation, Which Database Propagation System to Use

number of realms, Number of Realms

ports, Ports for the KDC and Admin Services

realm hierarchy, Realm Hierarchy

realm names, Realm Names

realms, Planning Kerberos Realms

slave KDCs, The Number of Slave KDCs

PAM, Planning for Your PAM Implementation

RBAC, How to Plan Your RBAC Implementation

pluggable authentication module, See PAM

plugin_list option, SASL and, SASL Options

plugins

adding to KMF, How to Manage Third-Party Plugins in KMF

auditing, Audit Plugin Modules

Cryptographic Framework, Introduction to the Cryptographic Framework

managed in KMF, KMF Plugin Management

removing from KMF, How to Manage Third-Party Plugins in KMF

SASL and, SASL Plug-ins

plus sign (+)

audit class prefix, Audit Class Syntax

entry in sulog file, How to Monitor Who Is Using the su Command

file permissions symbol, File Permission Modes

in audit class prefixes, How to Configure syslog Audit Logs

policies

administering

Administering Kerberos Principals and Policies (Tasks)

Administering Kerberos Policies

creating (Kerberos), How to Create a New Kerberos Principal

creating new (Kerberos), How to Create a New Kerberos Policy

deleting, How to Delete a Kerberos Policy

for auditing, Understanding Audit Policy

modifying, How to Modify a Kerberos Policy

on devices, How to View Device Policy

overview, Security Policy

passwords and, Changing Your Password

SEAM Tool panels for, SEAM Tool Panel Descriptions

specifying password algorithm, Changing the Default Algorithm for Password Encryption (Tasks)

task map for administering, Administering Kerberos Policies (Task Map)

viewing attributes, How to View a Kerberos Policy's Attributes

viewing list of, How to View the List of Kerberos Policies

policy

definition in Cryptographic Framework, Terminology in the Cryptographic Framework

definition in Oracle Solaris, Security Policy

policy.conf file

description

policy.conf File

Commands That Manage RBAC

keywords

for password algorithms, Password Encryption

for privileges

policy.conf File

Files With Privilege Information

for RBAC authorizations, policy.conf File

for rights profiles, policy.conf File

for workstation owner, policy.conf File

specifying encryption algorithms in, How to Specify an Algorithm for Password Encryption

specifying password algorithm

in naming services, How to Specify a New Password Algorithm for an NIS Domain

specifying password algorithms, How to Specify an Algorithm for Password Encryption

port forwarding

configuring in Secure Shell, How to Configure Port Forwarding in Secure Shell

Secure Shell

How to Use Port Forwarding in Secure Shell

How to Use Port Forwarding in Secure Shell

Port keyword, Secure Shell, Keywords in Secure Shell

ports, for Kerberos KDC, Ports for the KDC and Admin Services

post-selection in auditing, Audit Terminology and Concepts

postdated ticket

definition, Types of Tickets

description, How the Kerberos Service Works

pound sign (#)

device_allocate file, device_allocate File

device_maps file, device_maps File

ppriv command, listing privileges, How to Determine the Privileges on a Process

praudit command

converting audit records to readable format, How to View the Contents of Binary Audit Files

description, Audit Service Man Pages

piping auditreduce output to, How to View the Contents of Binary Audit Files

use in a script, How to View the Contents of Binary Audit Files

viewing audit records, How to View the Contents of Binary Audit Files

XML format, How to View the Contents of Binary Audit Files

PreferredAuthentications keyword, ssh_config file, Keywords in Secure Shell

prefixes for audit classes, Audit Class Syntax

preselecting, audit classes, How to Preselect Audit Classes

preselection in auditing, Audit Terminology and Concepts

preselection mask (auditing), description, Process Audit Characteristics

PreUserauthHook keyword, ssh_config file, Keywords in Secure Shell

preventing

audit trail overflow, How to Prevent Audit Trail Overflow

kernel software provider use, How to Prevent the Use of a Kernel Software Provider

use of hardware mechanism, How to Disable Hardware Provider Mechanisms and Features

primary, in principal names, Kerberos Principals

principal

adding administration, How to Configure a KDC to Use an LDAP Data Server

adding service principal to keytab

Administering Keytab Files

How to Add a Kerberos Service Principal to a Keytab File

administering

Administering Kerberos Principals and Policies (Tasks)

Administering Kerberos Principals

automating creation of, Automating the Creation of New Kerberos Principals

creating, How to Create a New Kerberos Principal

creating clntconfig

How to Manually Configure a Master KDC

How to Configure a KDC to Use an LDAP Data Server

creating host

How to Manually Configure a Master KDC

How to Configure a KDC to Use an LDAP Data Server

deleting, How to Delete a Kerberos Principal

duplicating, How to Duplicate a Kerberos Principal

Kerberos, Kerberos Principals

modifying, How to Modify a Kerberos Principal

principal name, Kerberos Principals

removing from keytab file, How to Remove a Service Principal From a Keytab File

removing service principal from keytab, How to Remove a Service Principal From a Keytab File

SEAM Tool panels for, SEAM Tool Panel Descriptions

service principal, Kerberos Principals

setting up defaults, How to Set Up Defaults for Creating New Kerberos Principals

task map for administering, Administering Kerberos Principals (Task Map)

user ID comparison, How to Create a Credential Table

user principal, Kerberos Principals

viewing attributes, How to View a Kerberos Principal's Attributes

viewing list of, How to View the List of Kerberos Principals

viewing sublist of principals, How to View the List of Kerberos Principals

principal file, description, Kerberos Files

principal.kadm5 file, description, Kerberos Files

principal.kadm5.lock file, description, Kerberos Files

principal.ok file, description, Kerberos Files

principal.ulog file, description, Kerberos Files

principle of least privilege, Privileges Protect Kernel Processes

Printer Management (RBAC), rights profile, Rights Profiles

printing, audit log, How to View the Contents of Binary Audit Files

PrintLastLog keyword, ssh_config file, Keywords in Secure Shell

PrintMotd keyword, sshd_config file, Keywords in Secure Shell

priv.debug entry, syslog.conf file, Files With Privilege Information

PRIV_DEFAULT keyword

policy.conf file

policy.conf File

Files With Privilege Information

PRIV_LIMIT keyword

policy.conf file

policy.conf File

Files With Privilege Information

PRIV_PROC_LOCK_MEMORY privilege, Privileges and System Resources

privacy

availability, Overview of Kerberized Commands

Kerberos and, What Is the Kerberos Service?

security service, Kerberos Security Services

private keys

See also secret keys

definition in Kerberos, Authentication-Specific Terminology

Secure Shell identity files, Secure Shell Files

private protection level, Overview of Kerberized Commands

privilege audit token, privilege Token

privilege checking, in applications, Applications That Check for Privileges

privilege sets

adding privileges to, Expanding a User or Role's Privileges

basic, How Privileges Are Implemented

effective, How Privileges Are Implemented

inheritable, How Privileges Are Implemented

limit, How Privileges Are Implemented

listing, How Privileges Are Implemented

permitted, How Privileges Are Implemented

removing privileges from, Restricting a User or Role's Privileges

privileged application

authorization checking, Applications That Check Authorizations

description, RBAC Elements and Basic Concepts

ID checking, Applications That Check UIDs and GIDs

privilege checking, Applications That Check for Privileges

privileged ports, alternative to Secure RPC, Authentication and Authorization for Remote Access

privileges

adding to command in rights profile, How to Create a Rights Profile

administering, Using Privileges (Tasks)

assigning to a command, Assigning Privileges

assigning to a script, Assigning Privileges to a Script

assigning to a user, Assigning Privileges

assigning to role, How to Change the Security Attributes of a Role

assigning to user, How to Change the Security Attributes of a User

auditing and, Privileges and Auditing

categories, Privilege Descriptions

commands, Administrative Commands for Handling Privileges

compared to superuser model, Privileges (Overview)

debugging, Privileges and Debugging

description

RBAC Elements and Basic Concepts

RBAC Elements and Basic Concepts

Privilege Descriptions

Privilege Descriptions

determining directly assigned ones, How to Determine the Privileges That You Have Been Directly Assigned

devices and, Privileges and Devices

differences from superuser model, Administrative Differences on a System With Privileges

effects on SEAM Tool, Using the SEAM Tool With Limited Kerberos Administration Privileges

escalation, Prevention of Privilege Escalation

executing commands with privilege, Expanding a User or Role's Privileges

extended policy, Expanding a User or Role's Privileges

files, Files With Privilege Information

finding missing, How to Determine Which Privileges a Program Requires

how to use, Using Privileges (Tasks)

implemented in sets, How Privileges Are Implemented

inherited by processes, How Processes Get Privileges

limiting use in a rights profile, How to Create a Rights Profile

listing, How to List the Privileges on the System

listing on a process, How to Determine the Privileges on a Process

PRIV_PROC_LOCK_MEMORY, Privileges and System Resources

processes with assigned privileges, How Processes Get Privileges

programs aware of privileges, How Processes Get Privileges

protecting kernel processes, Privileges Protect Kernel Processes

removing from a user, Restricting a User or Role's Privileges

removing from basic set, How to Create a Rights Profile

removing from limit set, How to Change the Security Attributes of a User

removing from limit set in rights profile, How to Create a Rights Profile

task map, Using Privileges (Tasks)

troubleshooting

to users, How to Troubleshoot RBAC and Privilege Assignment

troubleshooting requirements for, How to Determine Which Privileges a Program Requires

using in shell script, How to Run a Shell Script With Privileged Commands

PROC privileges, Privilege Descriptions

process audit characteristics

audit session ID, Process Audit Characteristics

audit user ID, Process Audit Characteristics

process preselection mask, Process Audit Characteristics

terminal ID, Process Audit Characteristics

process audit token, format, process Token

process preselection mask, description, Process Audit Characteristics

process privileges, Privilege Descriptions

process rights management, See privileges

processing time costs, of audit service, Cost of Increased Processing Time of Audit Data

prof_attr database

description, prof_attr Database

summary, RBAC Databases

profile shells

description, Profile Shells and RBAC

opening, How to Use Your Assigned Administrative Rights

restricting rights, How to Restrict an Administrator to Explicitly Assigned Rights

profiles, See rights profiles

profiles command

creating rights profiles, How to Create a Rights Profile

description, Commands That Manage RBAC

listing user's rights profiles, How to View Your Assigned Rights

modifying rights profile, How to Create a Rights Profile

PROFS_GRANTED keyword, policy.conf file, policy.conf File

proftpd daemon, Kerberos and, Kerberos Daemons

programs

checking for RBAC authorizations, How to Add RBAC Properties to Legacy Applications

privilege-aware

How Privileges Are Implemented

How Processes Get Privileges

project.max-locked-memory resource control, Privileges and System Resources

PROM security mode, Controlling Access to System Hardware (Tasks)

propagation

KDC database, Which Database Propagation System to Use

Kerberos database, Backing Up and Propagating the Kerberos Database

protecting

32-bit executables from compromising security, Protecting Executable Files From Compromising Security

BIOS, pointer to, How to Require a Password for SPARC Hardware Access

by using passwords with Cryptographic Framework, Using the Key Management Framework (Task Map)

contents of keystore, How to Export a Certificate and Private Key in PKCS #12 Format

files with Cryptographic Framework, Protecting Files With the Cryptographic Framework (Task Map)

PROM, How to Require a Password for SPARC Hardware Access

sftp transfer directory, How to Create an Isolated Directory for sftp Files

system from risky programs, Protecting Against Programs With Security Risk (Task Map)

protecting files

user procedures, Protecting Files With UNIX Permissions (Task Map)

with UFS ACLs, Using Access Control Lists to Protect UFS Files

with UNIX permissions

Using UNIX Permissions to Protect Files

Protecting Files With UNIX Permissions (Task Map)

with UNIX permissions task map, Protecting Files With UNIX Permissions (Task Map)

protection level

clear, Overview of Kerberized Commands

private, Overview of Kerberized Commands

safe, Overview of Kerberized Commands

setting in ftp, Overview of Kerberized Commands

Protocol keyword, Secure Shell, Keywords in Secure Shell

providers

adding library, How to Add a Software Provider

adding software provider, How to Add a Software Provider

adding user-level software provider, How to Add a Software Provider

connecting to Cryptographic Framework, Plugins to the Cryptographic Framework

definition as plugins

Introduction to the Cryptographic Framework

Terminology in the Cryptographic Framework

definition in Cryptographic Framework, Terminology in the Cryptographic Framework

disabling hardware mechanisms, How to Disable Hardware Provider Mechanisms and Features

listing hardware providers, How to List Hardware Providers

listing in Cryptographic Framework, How to List Available Providers

preventing use of kernel software provider, How to Prevent the Use of a Kernel Software Provider

registering, Plugins to the Cryptographic Framework

restoring use of kernel software provider, How to Prevent the Use of a Kernel Software Provider

signing, Plugins to the Cryptographic Framework

proxiable ticket, definition, Types of Tickets

proxy ticket, definition, Types of Tickets

ProxyCommand keyword, ssh_config file, Keywords in Secure Shell

pseudo-tty, use in Secure Shell, Command Execution and Data Forwarding in Secure Shell

PubkeyAuthentication keyword, Secure Shell, Keywords in Secure Shell

public audit policy

description, Understanding Audit Policy

read-only events, Understanding Audit Policy

public directories

auditing, Audit Terminology and Concepts

sticky bit and, Sticky Bit

public key authentication, Secure Shell, Secure Shell Authentication

public key cryptography

AUTH_DH client-server session, Implementation of Diffie-Hellman Authentication

changing NFS public keys and secret keys, Implementation of Diffie-Hellman Authentication

common keys

calculation, Implementation of Diffie-Hellman Authentication

database of public keys for Secure RPC, Implementation of Diffie-Hellman Authentication

generating keys

conversation keys for Secure NFS, Implementation of Diffie-Hellman Authentication

using Diffie-Hellman, Implementation of Diffie-Hellman Authentication

NFS secret keys, Implementation of Diffie-Hellman Authentication

public key technologies, See PKI

public keys

changing passphrase, How to Change the Passphrase for a Secure Shell Private Key

DH authentication and, Diffie-Hellman Authentication and Secure RPC

generating public-private key pair, How to Generate a Public/Private Key Pair for Use With Secure Shell

Secure Shell identity files, Secure Shell Files

public objects, auditing, Audit Terminology and Concepts

publickey map, DH authentication, Diffie-Hellman Authentication and Secure RPC

pwcheck_method option, SASL and, SASL Options