> >> The proposal already met the requirements of the no-third-party-setuid
> >> policy;
> >>
> >
> > there is no such policy. please don't make your and our job more
> > difficult by inventing additional policies for us to enforce.
> >
> Just to come to Stephen's defense, there was an example here. I'm hazy
> on the details, but I
> recall pushing back very hard on a proposed integration of a suid
> utility (one such utility in a
> proposed integration of many). I *think* I lost that argument.
>
> Anyway, policy or not, there is precedence to show that proposing the
> integration of a
> FOSS suid utility will bring discussion.
I don't recall that any part of this proposal includes suid programs.
Nor any part of this proposal (except for the codification
of what /usr/gnu/* and friends) that I had particular issue with.
I would point out the various precedences:
PSARC/1999/555 Getting with the Freeware Program
PSARC/2000/488 Solaris/Linux Commands Compatibility and
PSARC/2005/185 Enabling serendipitous discovery
And possibly other cases.
And Policies:
http://opensolaris.org/os/community/arc/policies/shared-sharable/
http://opensolaris.org/os/community/arc/policies/libraries/
http://opensolaris.org/os/community/arc/policies/SMF-policy/
http://opensolaris.org/os/community/arc/policies/NITS-policy/
http://opensolaris.org/os/community/arc/policies/PAM/
http://opensolaris.org/os/community/arc/policies/audit-policy/
And possibly other policies (such as something I'm hoping
to clarify as the "Solaris Security Policy")
That apply in general. I don't believe it's proper to
to address any one without the context of the others.
Gary..
