tpd(7) 맨 페이지 - 윈디하나의 솔라나라

개요

섹션
맨 페이지 이름
검색(S)

tpd(7)

Standards, Environments, Macros, Character Sets, and miscellany
                                                                        tpd(7)



NAME
       tpd, TPD - Trusted Path Domain

DESCRIPTION
       On immutable zones, certain processes are marked as part of the Trusted
       Path  Domain  (TPD).  These  processes  are  allowed  to  perform   all
       restricted options from the perspective of that process. The zone looks
       like an ordinary read-write global or non-global zone.


       In order to prevent non-TPD processes interfering with  TPD  processes,
       TPD  processes  cannot  be  trussed by non-TPD processes. TPD-processes
       terminals and fifos are marked specifically and they cannot  be  opened
       by non-TPD processes.


       The protected TPD processes are not allowed to open to read files, ter‐
       minals or fifos not protected by the mwac(7) policy. These files can be
       changed by the untrusted super-user. The content of those files, termi‐
       nals or fifos cannot be trusted, unless the  O_TPDUNSAFE  flag  is  set
       during open(2) or when the processes is marked as PRIV_TPD_UNSAFE using
       setpflags(2).


       A number of the daemons on the system are  running  in  the  TPD.  This
       includes init, svc.configd, and svc.startd.

SEE ALSO
       truss(1), fcntl(2), open(2), setpflags(2), mwac(7), smf(7), zlogin(1)



Oracle Solaris 11.4               21 Jun 2021                           tpd(7)
맨 페이지 내용의 저작권은 맨 페이지 작성자에게 있습니다.
RSS ATOM XHTML 5 CSS3