I agree...i think the current approachis very windowsish (Pre-vista) and can only lead to problems.
2009/6/17 Moinak Ghosh <moin...@belenix.org> > On Tue, Jun 16, 2009 at 11:41 PM, Lurie<y...@gmx.co.uk> wrote: > >> And you're waiting for the ARC review to do that? I > >> haven't looked too closely but I'm not generally aware > >> of any security problems introduced by pfexec in OpenSolaris. > > > > By default OpenSolaris gives the default user adminstrator privileges, > allowing any program run by that user to execute anything it wants to with > root rights (just fork a new process with "pfexec ..." ...) > > That is how the Caiman Installer sets up the user profile. > Maybe the solution is to not grant all admin rights to the > user and allow him to assume root role via a password. > > Regards, > Moinak. > -- > ================================ > http://www.belenix.org/ > http://moinakg.wordpress.com/ > _______________________________________________ > opensolaris-discuss mailing list > opensolaris-discuss@opensolaris.org >
_______________________________________________ opensolaris-discuss mailing list opensolaris-discuss@opensolaris.org
