On 10-Jul-07, at 12:28 AM, Doug Scott wrote:
John Sonnenschein wrote:On 9-Jul-07, at 11:23 PM, Tim Bray wrote:On Jul 9, 2007, at 7:28 PM, Richard Elling wrote:Minor point, we don't need to use something as braindead as sudo, we're Solaris, we can use RBAC.Remember, every time you take something out that people are used to and seemed to work, you increase the Solaris barrier to entry. I've been using sudo for years and, silly me, it seemed pretty secure and pretty useful. So if you're not going to provide it, there needs to be an instantly-accessible explanation of how to achieve the same effect with RBAC. -TimI understand that we want to eliminate some barriers to entry, but why ought we shovel rubbish in to the distribution to do so ?John,Can you expand on your definition of rubbish. Can you list it's defects so we can have a valid reason to exclude it rather than an emotional anti-Linux rhetoric. I have used both RBAC and sudo on Solaris over the years. Both have their good points and bad points. I do not think there is a valid reason to leave either out.
well, for one, sudo makes every user's password as valuable to an attacker as root's. There's also the problem that a slightly misconfigured sudo can give full root access to a potentially malicious user. for example, allowing access to something which can in some cases spawn a shell essentially makes that user root.
RBAC on the other hand allows you to grant far more well-verified, and infinitely finer grained ( for example, ACL's granting write permissions to individual files ) privileges to a user.
To be honest, I think doing away with the root account altogether and replacing it with a half dozen administrative accounts would be ideal. Once the initial shock of the new way of doing things was over, it would be an ideal and wonderful change for both home users and enterprise users over the 30 year old paradigm of (user | superuser)
-- This Message has been Digitally Signed PGP Public Key 0x437AF1A1 Availiable on hkp://pgp.mit.edu
PGP.sig
Description: This is a digitally signed message part
_______________________________________________ indiana-discuss mailing list indiana-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/indiana-discuss
