sys_attrs_sec(5)
NAME
sys_attrs_sec - sec subsystem attributes
DESCRIPTION
This reference page lists and describes attributes for the Security
(sec) kernel subsystem. Refer to the sys_attrs(5) reference page for an
introduction to the topic of kernel subsystem attributes. In the following
list, attributes preceded by an asterisk (*) can be modified at
run time.
Enables (enable) or disables (disable) Access Control List (ACL)
access checks and default ACL inheritance on the system. See
acl(4) and the Security manual for more information.
Default value: disable
In a TruCluster environment, the value of this attribute must be
the same on all member systems.
audit_buffer_size
The size of the audit buffer in 1-KB units.
Default value: 16 (kilobytes)
Minimum value: 16
Maximum value: 1024
In a TruCluster environment, the value of this attribute must be
the same on all member systems.
If you are generating your own audit records and the size of
these records is close to or greater than the current
audit_buffer_size value, increasing this value may improve system
performance.
audit_site_events
The size, in bytes, reserved for the audit site mask. Each byte
can support four site-defined events.
Default value: 64 (bytes)
Minimum value: 1
Maximum value: 1,048,576
In a TruCluster environment, the value of this attribute must be
the same on all member systems.
The audit subsystem allows sites to define their own audit
events (site-defined events). The site-defined events are
specified in the /etc/sec/site_events file. Because the number of
site-defined events is determined by the customer, the
audit_site_events attribute is provided so the customer can
specify how much memory the kernel needs to reserve for these
events. There is no need to change this value unless there are
more than 256 site-defined events. See the Security manual for
more information on specifying site-defined events.
nfs_flatten_mode
A value that controls the permission bits of a file with access
control lists (ACLs) as seen by an NFS Version 2 client. NFS
Version 2 clients make their own file access decisions, based on
their interpretation of the file's permission bits. The file
permission bits may not accurately specify file access if the
file has an ACL. You can specify the following values for the
nfs_flatten_mode attribute to better control file access
decisions by NFS Version 2 clients:
- Do not modify file access; send the original file permission
  bits to the NFS Version 2 client.
- Restrict the file access; modify the “group” and “other” fields
  of the file permissions so that the permission bits grant only a
  level of access that is granted in every ACL entry. For example,
  send permission bits that grant write access only if all ACL
  entries grant write access.
- Make file access more permissive; modify the “group” and “other”
  fields of the file permissions so that the permission bits
  reflect a level of access that is granted by the combination of
  ACL entries. For example, if some ACL entries grant read and
  execute permission and others grant write permission, send
  permission bits that grant read, write, and execute permission.
Default value: 0
In a TruCluster environment, the value of this attribute must be
the same on all member systems.
See acl(4) for more information.
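The difference between the restrictive and permissive settings of nfs_flatten_mode is intersection versus union of the ACL entries' permissions. The following is an added example, not code from the operating system: the enum names, the acl_entry type and the sample ACL are constructed, and it assumes that every ACL entry is combined and that the result replaces both the “group” and “other” fields.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed names for the three behaviours the entry describes. */
enum flatten { FLATTEN_NONE, FLATTEN_RESTRICT, FLATTEN_PERMISSIVE };

/* One ACL entry reduced to its rwx bits (0-7); a constructed type. */
struct acl_entry { const char *tag; unsigned perms; };

/* Constructed ACL: some entries grant r-x, another grants only w. */
static const struct acl_entry SAMPLE_ACL[] = {
    { "group::", 05 }, { "user:alice", 02 }, { "other::", 05 },
};
#define SAMPLE_N (sizeof SAMPLE_ACL / sizeof SAMPLE_ACL[0])

/* Return the permission bits an NFS Version 2 client would be sent.
 * Assumption: every ACL entry is combined, and the result replaces both
 * the "group" and "other" fields; the owner field is left alone. */
unsigned flatten_mode(unsigned mode, const struct acl_entry *acl, size_t n,
                      enum flatten how)
{
    unsigned every = 07, any = 0, bits;
    size_t i;

    if (how == FLATTEN_NONE || n == 0)
        return mode & 0777;              /* original bits, unmodified */
    for (i = 0; i < n; i++) {
        every &= acl[i].perms;           /* granted in every entry */
        any   |= acl[i].perms;           /* granted by at least one entry */
    }
    bits = (how == FLATTEN_RESTRICT ? every : any) & 07;
    return (mode & 0700) | (bits << 3) | bits;
}

int main(void)
{
    printf("original   %04o\n",
           flatten_mode(0755, SAMPLE_ACL, SAMPLE_N, FLATTEN_NONE));
    printf("restrict   %04o\n",
           flatten_mode(0755, SAMPLE_ACL, SAMPLE_N, FLATTEN_RESTRICT));
    printf("permissive %04o\n",
           flatten_mode(0755, SAMPLE_ACL, SAMPLE_N, FLATTEN_PERMISSIVE));
    return 0;
}
```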
restricted_fifo_open
A value that controls the behavior of the open() call with
respect to fifos. When enabled (1), restricted_fifo_open
prevents an open() call from opening a fifo if all the following
conditions are true:
- The parent directory is world writable.
- The current user is not the fifo owner.
- The fifo owner is not the owner of parent directory.
- The fifo owner is not root.
Default value: 0 (disabled)
For best system security, it is recommended that the
restricted_fifo_open attribute be changed to 1 (enabled).
restricted_hardlink_creat
A value that affects the behavior of the link() and rename()
functions with respect to hard links. When enabled (1), this
attribute:
- Prevents hard link creation by causing link() to fail if all of
  the following conditions are true:
    - The caller is not privileged.
    - The hard link is to be created in a world-writable directory.
    - The current user is not the owner of the directory where the
      hard link is to be created.
    - The current user is not the owner of the file object
      underlying the link.
- Prevents moving a hard link into a world-writable directory by
  causing rename() to fail if all the following conditions are true:
    - The from parameter is not a directory.
    - The from parameter is not a symlink.
    - The link count for from is greater than 1.
    - The current user is not privileged.
    - The to parameter specifies a world-writable directory.
    - The current user does not own the parent directory of the to
      parameter.
Default value: 0 (disabled)
For best system security, it is recommended that the
restricted_hardlink_creat attribute be changed to 1 (enabled).
restricted_symlink_follow
A value that affects the behavior of the open() system call with
respect to symbolic links. If enabled (1), this attribute
prevents open() from following a symbolic link if all the following
conditions are true:
- The directory that contains the symbolic link is world-writable.
- The owner of the symbolic link is not root.
- The owner of the symbolic link is not the current user.
- The symbolic link and the directory that contains it do not have
  the same owner.
If these conditions are true, the open() call fails and returns
[EACCES] to the caller.
Default value: 0 (disabled)
For best system security, it is recommended that the
restricted_symlink_follow attribute be changed to 1 (enabled).
ufs_proplist_max_entry
The size limit, in bytes, of property list entries on UFS file
systems.
Default value: 8192 (bytes)
Minimum value: 320
Maximum value: 18,446,744,073,709,551,615
In a TruCluster environment, the value of this attribute must be
the same on all member systems.
On AdvFS file systems, a property list entry has a hard size
limit of 1560 bytes. The ufs_proplist_max_entry attribute
facilitates interoperation of UFS and AdvFS property list entries.
Set this attribute to 1560 if you want to use all property list
entries on your system with both UFS and AdvFS file systems. See
proplist(4) for more information about property lists.
The ufs_proplist_max_entry attribute interacts with the
ufs_sec_proplist_max_entry attribute. The latter is used to
configure the size of ACLs on UFS file systems. Because ACLs are
stored in property lists, ufs_sec_proplist_max_entry cannot be
greater than (ufs_proplist_max_entry - 64) bytes. If
ufs_sec_proplist_max_entry is set to exceed this limit, the
value of ufs_proplist_max_entry is automatically increased.
ufs_sec_proplist_max_entry
The size limit, in bytes, of ACLs on UFS file systems.
Default value: 1548 (bytes)
Minimum value: 256
Maximum value: 18,446,744,073,709,551,551
In a TruCluster environment, the value of this attribute must be
the same on all member systems.
ACLs are implemented by using property lists. On AdvFS file systems,
there is a hard size limit of 1560 bytes for a property
list entry. This limit allows 2548 bytes for the ACL data, or a
total of 65 entries, plus the three required entries of user::,
group::, and other::. Files have only one ACL, an Access ACL.
Directories can have up to three ACLs: an Access ACL, a Default
ACL, and a Default Directory ACL. The AdvFS limit is placed on
each of the three ACLs for a directory, meaning that each can
have up to 65 entries. See acl(4) and the Security manual for
more information about ACLs.
By default, the ufs_sec_proplist_max_entry attribute is set to
ensure that the size limit of ACLs on UFS file systems is the
same as the size limit of ACLs on AdvFS file systems. This
ensures that ACLs on your system can be copied between UFS and
AdvFS file systems. It is recommended that you not modify the
default setting of ufs_sec_proplist_max_entry unless you have
a strong need for larger ACLs.
The ufs_sec_proplist_max_entry attribute interacts with the
ufs_proplist_max_entry attribute. See the description of
ufs_proplist_max_entry for a description of this relationship.
SEE ALSO
Files: acl(4), proplist(4)
Others: sys_attrs(5)
Security