On Mon, Mar 23, 2009 at 01:35:54PM -0700, Alan M Wright wrote:
> On 03/23/09 13:22, Jordan Brown wrote:
> >Darren J Moffat wrote:
> >>Or - and this is my preferred option - there should be a requirement
> >>that the commands be listed in a specific RBAC exec_attr(4) profile
> >>and that smbd 'pfexec' them and by default they only run with basic
> >>privs (unless the exec_attr(4) profile gives them more).
> >
> >That sounds like it might be theoretically correct, but it seems like a
> >pretty heavyweight thing to ask users to set up. Remember that this is
> >a mechanism intended to allow users to plug their own components -
> >typically but not necessarily scripts - into the SMB connect/disconnect
> >process.
>
> I thought about that a while ago but was concerned about end
> user flexibility. We can take a look at it.

On OpenSolaris systems the user will have Primary Administrator assigned to them, so user-friendliness in small environments is probably not an issue. For enterprise customers managing RBAC is not likely a significant issue (beyond the usual SUDO vs RBAC threads, which should be put to rest by merging them as much as possible). Nor should it be for the storage appliance.

Nico
--