On Wed, 2009-06-03 at 16:55 -0400, Girish Moodalbail wrote: > changes to exec_attr(4) and privileges(5) > ----------------------------------------- > > ipadm(1M) would need 'sys_ip_config' privilege to configure system's IP > interfaces and to configure network parameters/tunables. Further, > ipadm(1M) would also need 'file_dac_write' to write to ipadm repository, > maintained at '/etc/ipadm/ipadm.conf', via library libipadm.so.1. > > Only ipadm(1M) would need 'file_dac_write' privilege. ... > Other consumers, who will linking into libipadm.so.1 in the first phase > of the project, already run with uid=0 or has 'file_dac_write' > privilege. So we should have no issues making them use our library.
Your materials state that you're modifying nwamd in the first phase. Presumably, you're integrating after NWAM Phase 1, which has already stated that nwamd will not run with uid=0. Is the plan to have it run with file_dac_write? -Seb
