Folks, As we all know, the new /sbin/ipadm(1M) will allow to set/get few TCP/IP tunables/properties that were supported by /usr/sbin/ndd.
Today, to access or set TCP/IP network parameters, one needs PRIV_SYS_IP_CONFIG and it's defined in privileges(5) --------- PRIV_SYS_IP_CONFIG Allow a process to configure network parameters for TCP/IP using ndd. Allow a process access to otherwise restricted TCP/IP information using ndd. --------------- Now should we restrict the output of following subcommands (a) ipadm show-prop (show's module specific NDD properties) (b) ipad show-ifprop (show's interface specific NDD properties) like we do for ndd(1M), today? However, for dladm(1M), with Sebastien's PSARC/2008/473 push, some of the 'dladm show-*' commands needs no privileges. What is the expected behavior here? thanks ~Girish
