Configuring and using RBAC
Before explaining and implementing the RBAC feature, it is necessary to remember why RBAC is necessary and, afterwards, to learn some fundamental concepts.
According to our previous study on Oracle Solaris 11, it would not be possible for a normal user to reboot an Oracle Solaris 11 system, as shown in the following command:
root@solaris11-1:~# useradd -d /export/home/aborges -m -s /bin/bash aborges 80 blocks root@solaris11-1:~# passwd aborges New Password: hacker123! Re-enter new Password: hacker123! passwd: password successfully changed for aborges root@solaris11-1:~# su - aborges Oracle Corporation SunOS 5.11 11.1 September 2012 aborges@solaris11-1:~$ reboot reboot: permission denied aborges@solaris11-1:~$
A simple and completely inappropriate solution would be to give a password from the root account to user aborges. However, this is unimaginable in a professional company. Another and a recommended solution is to use RBAC, which is a security feature that allows...
