Found some further background reading from security-discuss@ for anyone looking for further technical background info:
http://opensolaris.org/jive/thread.jspa?threadID=98824 http://opensolaris.org/jive/thread.jspa?threadID=98824&tstart=210 http://opensolaris.org/jive/thread.jspa?threadID=98729&tstart=210 On 24 May 2011, at 10:42, Bayard Bell wrote: > On 23 May 2011, at 22:29, Jeppe Toustrup wrote: > >> 2011/5/23 Ken Gunderson <[email protected]>: >>> On Mon, 2011-05-23 at 15:39 -0400, Alex Smith (K4RNT) wrote: >>>> Another related question - why have we stopped using pfexec and >>>> started using sudo? I preferred RBAC... >>> >>> Have we? I've been testing 148b and just assumed it was a defect. If >>> not, I concur with you that RBAC is preferrable to sudo. >> >> The change was made upstream. See this bug report which discusses the change: >> https://defect.opensolaris.org/bz/show_bug.cgi?id=4885 > > This looks to me like a comedy of analogical errors: it's not, for example, > that Windows users no longer have access to admin privileges, it's just that > asserting those privileges requires authentication. Similarly, it's not that > sudo is the right way to do things in general, nor is it all that important > that using sudo provides an affordance to people accustomed to using it > elsewhere. It's that pfexec doesn't have a mechanism to require > authentication for the assertion of particular levels of privilege, and it > looks like a decision was made to kick the can down the road on that. You > could follow the various offered analogies conclude not that access to root > should be mediated by sudo because that's what people expect but that people > rightly expect there to be an authentication requirement, in principle if not > in fact, between them and access to those privileges. It wouldn't be a > show-stopper to say that for most people's purposes, pfexec is like sudo, > it's just called pfexec and has a different configuration system because the > privileges have a different structure, if you need to edit the config files, > read the fine man page. The problem is a decision was made, however > implicitly or explicitly, not to fill in the functional gap and add > authentication. Instead of agreeing that pfexec needed to be like sudo in > this respect and making it that way, we just got sudo. > > That continues to be the case because the determinative constraints haven't > moved an inch. I don't see the point in the subsequent Talmudic arguments > about references to Ubuntu, as the protracted argument doesn't add up to the > inconsequence of the point. > >> -- >> Venlig hilsen / Kind regards >> Jeppe Toustrup (aka. Tenzer) >> >> _______________________________________________ >> OpenIndiana-discuss mailing list >> [email protected] >> http://openindiana.org/mailman/listinfo/openindiana-discuss >
PGP.sig
Description: This is a digitally signed message part
_______________________________________________ OpenIndiana-discuss mailing list [email protected] http://openindiana.org/mailman/listinfo/openindiana-discuss
