On Thu, May 28, 2009 at 2:30 AM, David Abrahams [email protected] wrote: > I have already been using it, thanks. It's not that > I prefer sudo; I'm just trying to understand the proper place of pfexec > in the system. It's a little odd to issue admin commands without > ever issuing a password, but I guess sudo doesn't really offer more > security since an intruder has probably already got your password if > he's logged in as you?
No, I don't think that logic stands up. Using sudo is more secure and it is also what users are accustomed to doing on other systems like Ubuntu Linux or Mac OS X. See bug 1945: http://defect.opensolaris.org/bz/show_bug.cgi?id=1945 RBAC offers a lot of functionality, but without pfexec using password authentication, I don't think it is the best fit as used here. Haik -- This message posted from opensolaris.org _______________________________________________ indiana-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/indiana-discuss
