YC Wang wrote:
The NET__MAC_AWARE privilege is needed in order for a non-global zone to do
cross-label communication. This privilege is in PUBLIC zone's limit set but
not in its effective set by default. You need to add it.
Thanks for your reply. But when running the "ppriv $$" command in the
public zone, I can find "net_mac_aware" in the E set, as well as in
the P set and L set. Does this mean that the NET_MAC_AWARE privilege
is already set by default?
It is included in the zone's limit set by default. Therefore root has it
in its permitted and effective sets by default. Normal users don't have
this privilege.
--Glenn
Thanks,
YC Wang
_______________________________________________
security-discuss mailing list
[email protected]
--
ORACLE ®
Glenn Faden | Senior Principal Software Engineer
Phone: +1 650 786 4003 | Mobile: +1 415 637 8181
Oracle Solaris Security, Solaris Core OS Technology Engineering
_______________________________________________
security-discuss mailing list
[email protected]
