> 3.4.2 Authorization
> (see http://opensolaris.org/os/community/arc/bestpractices/rbac-intro/
> and
> http://opensolaris.org/os/community/arc/bestpractices/rbac-profiles/
> and
> http://opensolaris.org/os/community/arc/bestpractices/rbac-profiles/
> for details)
> Are there any setuid/setgid privileged binaries in the project?
> [ ] Yes - ARC review required
> [*] No - continue with next section (section 3.4.3)
>
> If yes then are the setuid/setgid privileges handled by the use of
> roles?
> [ ] Yes
> [ ] No - ARC review required
If it's not suid (as ping is), I presume that snort needs something
like net_observibility or net_raw_access to run properly. How does
it get that or any other privileges it may need?
What Rights Profile (and exec_attr(4) properties are required)?
Gary..
