On 10/27/08 13:38, Michael Schuster wrote: > On 10/27/08 13:28, Peter Tribble wrote: > > >>> 4. You say regular users can view configuration and statistics. I >>> would expect to be >>> able to restrict that, as I wouldn't always want all users to be able >>> to view everything. >>> >>> >>> Are you suggesting the the default could be regular users unless the admin >>> customizes is otherwise? Can you explain why you would want to restrict >>> viewing? >>> >> Michael asked the same question. It's a good one. But I have to confess that >> I was taken aback by the idea that anyone on the machine could view >> everything. I'm happy for that to be the default, but would like the >> capability for tighter control. One case I have is where a machine provides >> services to different units - different units shouldn't be able to see >> each other's >> data or configuration. >> > > I'm still a little mystified at this request - after all, we're not talking > about data here, but about glorified forwarding/routing information > concerning networking packets... > > We fashioned this after "route monitor" command which does not require root privs. Are you concerned more from a security standpoint, or blocking of config details between units for other reasons? > Michael >
-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.opensolaris.org/pipermail/ilb-dev/attachments/20081027/18c2c3ee/attachment.html>
