> Please provide your comments/feedback before COB Wednesday 3/24.
>
> Darren, Gary, since it seems there might be a security aspect
> of this proposal (see Chapter 10 of design spec), I thought
> you might provide us with valuable feedback which would help
> us to assure that we don't miss anything important as well as
> that we are not unreasonably paranoid.
> If you happen to have cycles to take a quick look, it would
> be greatly appreciated.

The inclusion of encrypted passwords in the manifest protected as 400 root seems reasonable. If there's any chance that this manifest will be around on a live system, it might be worth also putting the passwords in a read_authorization protected property group.

A couple broader comments:

* The project team should be aware of PSARC/2009/652 User, RBAC and Labeled Networking Administration. It is making changes to user/role/group/add/mod/del.

* I noticed that the details in this paper do not align with the details in PSARC/2010/067, particularly around not assigning Primary Administrator. IMO, these details should be aligned.

* There seems to be a user_account/application/expire property. How does that relate to passwd -f? Shouldn't root be required to also change the password upon first use?

* There are lots more user attributes than are listed in 5.1 and shown in the manifests. Presumably this is a minimum set the project team considered and it is thoroughly extensible to other attributes.

Gary..

> [2]
> http://hub.opensolaris.org/bin/download/Project+caiman/System+Configuration+Project/scsmfdesignv0.1.pdf