On May 28, 2009, at 1:36 AM, Martin Bochnig wrote:
On Thu, May 28, 2009 at 2:30 AM, David Abrahams <[email protected]>
wrote:
Coming from other unices I find this strange pfexec thing being
used in
some places where sudo or su might have been used otherwise, and I'm
trying to figure out its proper application. Can anyone offer a
helpful
pointer?
In addition to being much more fine-grain-controllable, RBAC offers
you the convenience, that you do not need to re-type the password
every time you run pfexec.
You actually don't need to do that with sudo either; it has some kind
of memory and doesn't ask if you've authenticated recently.
RBAC originates from Trusted Solaris 2.5.1, then 8, now 10 &
OSyyyy.mm.
It has highest level security certifications not many other operating
systems ever pass, whether with or without similar clones of Trusted
Extensions.
All the certifications in the world do no good if the security system
is configured to hand out root privileges lightly.
--
David Abrahams
BoostPro Computing
http://boostpro.com
_______________________________________________
indiana-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/indiana-discuss
