2007/7/10, Simon Phipps <[EMAIL PROTECTED]>:
On Jul 10, 2007, at 07:23, Tim Bray wrote: > On Jul 9, 2007, at 7:28 PM, Richard Elling wrote: > >>> Minor point, we don't need to use something as braindead as sudo, >>> we're Solaris, we can use RBAC. > > Remember, every time you take something out that people are used to > and seemed to work, you increase the Solaris barrier to entry. I've > been using sudo for years and, silly me, it seemed pretty secure and > pretty useful. So if you're not going to provide it, there needs to > be an instantly-accessible explanation of how to achieve the same > effect with RBAC. -Tim I'm with Tim and Doug on this one. The principle I believe we need to follow in making the perfect Solaris for the GNU/Linux user is to ensure everything expected is present, and that compromises or conflicts like this one lead to a better not a worse experience. If in the process they can lead to improvements to Solaris Classic, that's even better. Wild idea: Maybe in this case we need an implementation of sudo that's configured by and a subset of RBAC so that new users graduate to RBAC over time?
That's a great idea, not wild at all, putting some help on the /etc/sudoers file explaining how to use RBAC to achieve the same common tasks than sudo would rock, and you would introduce another great feature of Solaris. S.
-- Un saludo, Alberto Ruiz
_______________________________________________ indiana-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/indiana-discuss
