| Authorization |
Purpose |
| configaudit |
Allows the user to configure the audit system by modifying the audit parameters. This should not be assigned
to anyone other than the Audit Administrator. |
| writeaudit |
Gives the ability to write audit records to the audit trail. (Normally, users wouldn't have this, but a process
would need this to write audit records.) This should not be assigned to anyone other than the audit
administrator. |
| execsuid |
This allows the user to run SUID programs. If the user does not have this authority, SUID programs will not
execute for this user. |
| chmodsugid |
This gives the ability to set or remove the SUID, SGID, or sticky bits on files or directories using the chmod
command. |
| chown |
This authority determines if the user can change the ownership of an object. This is enforced even if the
user is the owner of the object. Without this authorization, only root can change the ownership. |
| suspendaudit |
This authority allows the process to suspend the auditing of its activities. This should not be assigned to
anyone other than the audit administrator. |
