Within the file /etc/security/exec_attr.d/core-os, the following line is found:
Network
Management:solaris:cmd:RO::/usr/sbin/dladm:euid=dladm;egid=netadm;\privs=sys_dl_config,net_
rawaccess,proc_audit
To assume which of the following can a user using the su command execute dladm with full
privileges?
A.
the net_rawacess role
B.
the sys_dl_config profile
C.
the Network Management role
D.
a role that includes the sys_dl_config profile
E.
a role that includes the Network Management profile
Explanation:
Note:
* (not A, not B, not D) The privs key contains a comma-separated list of privilege numbers that will
be effective when the command or action is run.
* euid and uid contain a single user name or a numeric user ID. Commands designated with euid
run with the effective UID indicated, which is similar to setting the setuid bit on an executable file.
Commands designated with uid run with both the real and effective UIDs. Setting uid may be more
appropriate than setting the euid on privileged shell scripts.
* egid and gid contain a single group name or a numeric group ID. Commands designated with
egid run with the effective GID indicated, which is similar to setting the setgid bit on a file.
Commands designated with gid run with both the real and effective GIDs. Setting gid may be more
appropriate than setting guid on privileged shell scripts.* /etc/security/exec_attr is a local database that specifies the execution attributes associated with
profiles.
/etc/security/exec_attr
Locally added entries. Make sure that the shipped header remains intact.
/etc/security/exec_attr.d/*
Entries added by package installation.
E. is correct