getfilexsec(1M)getfilexsec(1M)NAMEgetfilexsec - display security attributes of binary executable(s)SYNOPSIS
The command displays various extended security attributes associated
with binary executable files. These attributes include retained privi‐
leges, permitted privileges, and compartment and security attribute
flags. See privileges(5) and exec(2)
The command supports the following options:
Displays the compartment name of the file(s).
Displays security attribute flags.
The only currently defined flag is the privilege start
Displays the minimum permitted privileges.
Displays the maximum permitted privileges.
Displays the minimum retained privileges.
Displays the maximum retained privileges.
If no options are specified, all extended security attributes of the
binary file(s) are displayed.
supports the following operand:
filename Binary executable file. All file names given as argu‐
ments must be binary executables. Files of other
types (for example, script executables, text files,
and so on) are not permitted.
The user invoking this command must be able to open the directory in
which the binary executable files are present.
returns the following values:
The attributes are displayed.
An error occurs.
An error can be caused by an invalid option or inadequate
permissions to perform the operation.
Example 1: Display the maximum permitted privileges and privilege-aware
flag of binary executable file
PermittedMaxPrivileges: CMPTREAD, CMPTWRITE
SEE ALSOsetfilexsec(1M), exec(2), compartments(5), privileges(5).