ux-admin wrote: > > http://csrc.nist.gov/groups/SNS/rbac/standards.html
>Oh, and by the way, I was one of the engineers to implement that role system >and the 1,300 roles for that bank in the article above. Perhaps you'll find >that funny... Then how can you possibly be conflating the use of RBAC with using sudo as gods only gift to role requirements? And as for both the urls, as well as my misspelled references for /etc/user_attr, in the first case the urls weren't meant for you alone. In the second A. my spelling sucks bfd, B. no comment doesn't really give much answer to any understanding of the difference. user_attr is an RBAC tool just like sudo is, and less of a hassle to deal with in most cases. The other problem with sudo is that it's vulnerable to people doing bad things with shell permissions. In combination the 2 can be layered, which is fairly nice in some situations, and sudo is nice training wheels for users who do not feel comfortable working in an administrative role, but it is a limited tool to say the least. Tim This message posted from opensolaris.org _______________________________________________ opensolaris-discuss mailing list [email protected]
