Section 5.5.12. Privilege Auditing


The project introduces a system call that needs auditing, setppriv(2); it also adds two new opcodes to modctl() that must be audited as well. Three new audit events, AUE_SETPPRIV, AUE_MODALLOCPRIV, and AUE_MODDEVPLCY, are generated for changing privilege sets, adding a privilege from outside the kernel, and changing the device policy, respectively.

Solaris keeps track of whether suser() was called and whether the call succeeded, and records this information in the audit trail. Many "privilege checks," such as drv_priv(9F), turned out to be direct comparisons of the effective UID to zero, which are not recorded in the audit trail at all.

The Least Privilege implementation takes a cue from Trusted Solaris and records the privileges the process used or failed to use in the audit trail. The privileges are recorded in their textual representation. The successful use of basic privileges is not audited. The attempt to use a basic privilege that is missing is audited because it can be considered an event that should not have taken place. The already defined audit modifier tokens AUT_PRIV and AUT_UPRIV are used for that purpose.
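The audit decision just described, reduced to a small model in C: a failed privilege check is always recorded, a successful check is recorded only when the privilege is not in the basic set, and the record carries the privilege's textual name. This is an added illustration, not kernel code from the book or from Solaris; the enum, function names, the assumed basic set, and the "successful/failed use of priv" wording of the rendered record are constructed for the example.

```c
#include <stdio.h>
#include <string.h>

/* Action the audit layer takes after a privilege check. These names are
 * constructed for this example; the kernel's own identifiers are the
 * token types AUT_PRIV and AUT_UPRIV named in the text. */
enum priv_audit_action {
    PRIV_AUDIT_NONE = 0,    /* nothing goes into the audit trail */
    PRIV_AUDIT_SUCCESS = 1, /* successful use of a non-basic privilege recorded */
    PRIV_AUDIT_FAILURE = 2  /* attempted use of a missing privilege recorded */
};

/* Basic privilege set as assumed for this example (privileges every
 * process normally holds); the real set is defined by the running kernel. */
static const char *const basic_privs[] = {
    "proc_exec", "proc_fork", "proc_info", "proc_session", "file_link_any"
};

static int is_basic_priv(const char *priv)
{
    size_t i;
    for (i = 0; i < sizeof basic_privs / sizeof basic_privs[0]; i++)
        if (strcmp(priv, basic_privs[i]) == 0)
            return 1;
    return 0;
}

/* The policy from the text: a failed check is always recorded because it
 * should not have happened; a successful check is recorded only for
 * privileges outside the basic set. */
enum priv_audit_action priv_audit_decide(const char *priv, int granted)
{
    if (!granted)
        return PRIV_AUDIT_FAILURE;
    return is_basic_priv(priv) ? PRIV_AUDIT_NONE : PRIV_AUDIT_SUCCESS;
}

/* Render the record in textual form, privilege name included. The wording
 * is a constructed approximation, not guaranteed praudit output. Returns a
 * pointer to a static buffer, or NULL when nothing is recorded. */
const char *priv_audit_text(const char *priv, int granted)
{
    static char buf[128];
    switch (priv_audit_decide(priv, granted)) {
    case PRIV_AUDIT_SUCCESS:
        snprintf(buf, sizeof buf, "successful use of priv,%s", priv);
        return buf;
    case PRIV_AUDIT_FAILURE:
        snprintf(buf, sizeof buf, "failed use of priv,%s", priv);
        return buf;
    default:
        return NULL;
    }
}

/* One privilege check as the kernel would see it. */
struct priv_check { const char *priv; int granted; };

/* Count how many checks in a sequence produce an audit record. */
int priv_audit_count(const struct priv_check *checks, size_t n)
{
    size_t i;
    int recorded = 0;
    for (i = 0; i < n; i++)
        if (priv_audit_decide(checks[i].priv, checks[i].granted) != PRIV_AUDIT_NONE)
            recorded++;
    return recorded;
}

/* Constructed trace: an ordinary fork, a privileged process overriding the
 * device policy, and an unprivileged process failing a basic check. */
const struct priv_check sample_trace[] = {
    { "proc_fork", 1 }, { "sys_devices", 1 }, { "proc_fork", 0 }
};
size_t sample_trace_len(void) { return sizeof sample_trace / sizeof sample_trace[0]; }

int main(void)
{
    size_t i;
    for (i = 0; i < sample_trace_len(); i++) {
        const char *line = priv_audit_text(sample_trace[i].priv, sample_trace[i].granted);
        if (line != NULL)
            printf("%s\n", line);
    }
    printf("%d of %zu checks recorded\n",
           priv_audit_count(sample_trace, sample_trace_len()), sample_trace_len());
    return 0;
}
```

Running the sample trace records two of the three checks: the ordinary fork is silent, while the device-policy override and the failed basic check both appear, each carrying the privilege name rather than a bare "root succeeded" flag as suser() did.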




Solaris Internals: Solaris 10 and OpenSolaris Kernel Architecture (2nd Edition)
ISBN: 0131482092
Year: 2004
Pages: 244
