prasad wrote:
> What is the relationship between privileges and file permissions? I am
> getting a permission denied error due to lack of file_dac_* privilege.
>
> Here's one of my simple cases...
>
> I have the following entry in /etc/security/exec_attr:
> App Log
> Management:solaris:cmd:::/u01/apps/bin/logLvl:euid=app;egid=app;privs=all
>
> where /u01/apps/bin/logLvl has read and execute permissions (0500) only for
> the user app.
>
I don't think this configuration does what you intend.
/u01/apps/bin/logLvl once executing would get the indicated privs/ids
that does not change the fact that the shell/etc you are starting it
from lacks execute access to the binary itself.
-Will
