On Tue, 2011-05-24 at 11:06 -0400, Dave Miner wrote: > On 05/24/11 08:54 AM, Gary Mills wrote: > > On Tue, May 24, 2011 at 06:26:33AM -0600, Ken Gunderson wrote: > >> On Tue, 2011-05-24 at 09:21 +0100, Alasdair Lumsden wrote: > >>> Hi All, > >>> > >>> I too don't appreciate the flamewar on here of Solaris vs Linux, > >>> sudo vs pfexec. > >> > >> With all due respect, I think the technical signal is high enough to > >> qualify as relevant discussion. > > > > My preference would be to: > > > > 1. Make root a role > > 2. Retain sudo as an option > > 3. Find a secure way to use RBAC for system administration > > > > Not surprisingly, that's what we are trying to do, the decision that > prompted this sub-thread was about moving in that direction and removing > a security issue we'd created with the experimentation in OpenSolaris > releases. RBAC. properly configured, is highly secure, but doesn't > provide one important thing yet: authentication of the user (using his > password) at the keyboard when assuming privileges. A solution to that > will happen and allow us to refine what we're doing with Solaris. > > Dave
Hi Dave: Yeah, I get technical part of it. My comments were meant to be taken in context of sarcastic, tongue-in-cheek groan to the "just like Ubuntu" familiarity goal, wh/upon subsequent review was made by Glenn Faden rather than yourself. Thanks for your time. -- Ken Gunderson <[email protected]> _______________________________________________ OpenIndiana-discuss mailing list [email protected] http://openindiana.org/mailman/listinfo/openindiana-discuss
