Skip Navigation Links | |
Exit Print View | |
Developer's Guide to Oracle Solaris 11 Security Oracle Solaris 11.1 Information Library |
1. Oracle Solaris Security for Developers (Overview)
2. Developing Privileged Applications
How Administrators Assign Privileges
How Privileges Are Implemented
Compatibility Between the Superuser and Privilege Models
setppriv(): for Setting Privileges
priv_str_to_set() for Mapping Privileges
Privilege Bracketing in the Superuser Model
Privilege Bracketing in the Least Privilege Model
Guidelines for Developing Privileged Applications
3. Writing PAM Applications and Services
4. Writing Applications That Use GSS-API
7. Writing Applications That Use SASL
8. Introduction to the Oracle Solaris Cryptographic Framework
9. Writing User-Level Cryptographic Applications
10. Introduction to the Oracle Solaris Key Management Framework
A. Secure Coding Guidelines for Developers
B. Sample C-Based GSS-API Programs
Authorizations are stored in the /etc/security/auth_attr file. To create an application that uses authorizations, take the following steps:
Scan the entries in the auth_attr database using the getent command as follows :
% getent auth_attr | sort | more
The getent command retrieves a list of authorizations in the auth_attr database and sorts similar named authorizations together. The authorizations are retrieved in the order in which they were configured. See the getent(1M) man page for information on using the getent command.
Check for the required authorization at the beginning of the program using the chkauthattr(3C) function.
The chkauthattr() function searches for the authorization in order in the following locations:
AUTHS_GRANTED key in the policy.conf(4) database – AUTHS_GRANTED indicates authorizations that have been assigned by default.
PROFS_GRANTED key in the policy.conf(4) database – PROFS_GRANTED indicates rights profiles that have been assigned by default. chkauthattr() checks these rights profiles for the specified authorization.
The user_attr(4) database – This database stores security attributes that have been assigned to users.
The prof_attr(4) database – This database stores rights profiles that have been assigned to users.
If chkauthattr() cannot find the right authorization in any of these places, then the user is denied access to the program. If the Stop profile is encountered by the chkauthattr() function, further authorizations and profiles including AUTHS_GRANTED, PROFS_GRANTED, and those found in the /etc/security/policy.conf are ignored. Hence the Stop profile can be used to override profiles that are listed using the PROFS_GRANTED and AUTHS_GRANTED key in the /etc/security/policy.conf file.
See Chapter 9, Using Role-Based Access Control (Tasks), in Oracle Solaris 11.1 Administration: Security Services for information on how to use the provided security attributes, add new ones, and assign them to users and processes.
Note - Users can add entries to the auth_attr(), exec_attr(), and prof_attr() databases. However Oracle Solaris authorizations are not stored in these databases.
Example 2-3 Checking for Authorizations
The following code snippet demonstrates how the chkauthattr() function can be used to check a user's authorization. In this case, the program checks for the solaris.job.admin authorization. If the user has this authorization, the user is able to read or write to other users' files. Without the authorization, the user can operate on owned files only.
/* Define override privileges */ priv_set_t *override_privs = priv_allocset(); /* Clear privilege set before adding privileges. */ priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, priv_FILE_DAC_WRITE, NULL); priv_addset(override_privs, PRIV_FILE_DAC_READ); priv_addset(override_privs, PRIV_FILE_DAC_WRITE); if (!chkauthattr("solaris.jobs.admin", username)) { /* turn off privileges */ setppriv(PRIV_OFF, PRIV_EFFECTIVE, override_privs); } /* Authorized users continue to run with privileges */ /* Other users can read or write to their own files only */