James Carlson wrote: > Nicolas Williams writes: >> On Thu, Mar 05, 2009 at 10:50:39AM +0000, Darren J Moffat wrote: >>> Phi Tran wrote: >>>> I agree to the above if we tie read and write together, but I was >>>> thinking about the case when we want separate read and write control. >>>> I was thinking the model could be that everyone on the console by >>>> default would have read privilege for parted. The write >>>> privilege could be controlled by the auth and be part of a separate >>>> profile. >>> I don't see why being on the console should be special for this, please >>> explain the rationale. >> I agree. Given the use of RBAC we automatically get the ability to >> grant console users access to parted, if the sysadmin wants to (though I >> seriously doubt it). > > It's also not necessary for "normal" single user machine > administration, at least on OpenSolaris. The initial user there gets > added with the 'Primary Administrator' profile and 'root' role. >
My idea was that read and write access could be decoupled which would allow the administrator the ability to have finer control. A paranoid administrator could think that read access should be limited since more knowledge about the partitions may be valuable to a hacker. I'm not saying decoupling read and write is a requirement, but it will give the choice to the administrator. Currently, we decided not to separate read/write access; and we will leave that as a future option if there is more justification. Phi
