You administer an Oracle Solaris 11 server with multiple zones. You want to configure it so that all
nonprivileged users in the global zone see only their own process.
What must you do to make the change?
A.
Modify the LIMITPRIV variable in the /etc/usr/user_attr file.
B.
Modify the basic privilege ser in the /etc/security/policy.conf file.
C.
Configure the priv= attribute in the /etc/security/prof_attr.d/core-os file.
D.
Configure privileges for the ps command in the /etc/security/exec_attrd/core-os file.
Explanation:
* policy.conf
policy.conf– configuration file for security policy.
The policy.conf file provides the security policy configuration for user-level attributes.
* Example: Modifying Every User’s Basic Privilege Set
In this example, the security administrator of a large Sun Ray installation does not want regular
users to view the processes of other Sun Ray users. Therefore, on every system that is configured
with Trusted Extensions, the root role removes proc_info from the basic set of privileges. The
PRIV_DEFAULT setting in the /etc/policy.conf file is uncommented and modified as follows:
PRIV_DEFAULT=basic,!proc_info