Casper.Dik at Sun.COM wrote: > >> If it's not setuid, then it won't gain any privileges just because you >> define these authorizations. You would want to include the command in an >> RBAC profile so that users who have the profile can run it with the >> necessary privileges. In that case, there is probably no reason for the >> additional authorization check. >> > > > And I'd prefer that: a exec_attr and a RBAC profile; if you want to check > for the authorization, you will need to change more to the source. >
I will add it to the File System Management profile as you suggested. > I'm assuming that it will not automatically "work" on Solaris. > > If you port it to Solaris, do you also use libdiskmgmt? > I am not using libdiskmgmt. Mark > Casper > >
