On Thu, Mar 05, 2009 at 10:50:39AM +0000, Darren J Moffat wrote: > Phi Tran wrote: > >I agree to the above if we tie read and write together, but I was > >thinking about the case when we want separate read and write control. > >I was thinking the model could be that everyone on the console by > >default would have read privilege for parted. The write > >privilege could be controlled by the auth and be part of a separate > >profile. > > I don't see why being on the console should be special for this, please > explain the rationale.
I agree. Given the use of RBAC we automatically get the ability to grant console users access to parted, if the sysadmin wants to (though I seriously doubt it).
