Within the file /etc/security/exec_attr.d/core-os, the following line is found:
Network Management:solaris:cmd:RO::/usr/sbin/dladm:euid=dladm;egid=netadm;
\\privs=sys_dl_config,net_rawaccess,proc_audit
To assume which of the following can a user using the su command execute dladm with full privileges?
A.
the net_rawacess role
B.
the sys_dl_config profile
C.
the Network Management role
D.
a role that includes the sys_dl_config profile
E.
a role that includes the Network Management profile
Explanation:
Note:
* (not A, not B, not D) The privs key contains a comma-separated list of privilege numbers that will be effective
when the command or action is run.
* euid and uid contain a single user name or a numeric user ID. Commands designated with euid run with the
effective UID indicated, which is similar to setting the setuid bit on an executable file. Commands designated
with uid run with both the real and effective UIDs. Setting uid may be more appropriate than setting the euid on
privileged shell scripts.
* egid and gid contain a single group name or a numeric group ID. Commands designated with egid run with
the effective GID indicated, which is similar to setting the setgid bit on a file. Commands designated with gid run
with both the real and effective GIDs. Setting gid may be more appropriate than setting guid on privileged shell
scripts.
* /etc/security/exec_attr is a local database that specifies the execution attributes associated with profiles.
/etc/security/exec_attr
Locally added entries. Make sure that the shipped header remains intact.
/etc/security/exec_attr.d/*
Entries added by package installation.