Marcus Watts <[EMAIL PROTECTED]> writes:
> So far as "vos release" - the reason why that is a
> problem is because, so far as the file server is concerned,
> it *IS* a "vos dump" / "vos restore". It's the
> vos client binary, that is coordinating the activity
> between the vldb, and the file servers; and so it is
> the vos client that is ultimately being trusted to do
> the right thing. That's why something like "adm"
> or "sysctl" is a good way to handle "vos release";
> not only can it do a better job of deciding who can
> release which things, but it also puts the trusted
> "vos release" part somewhere besides on your workstation.
I'd hate to see the present implementation of a piece of software ever
become the _sole_ reason not to change that software. I too, like the
idea of permitting someone other than (in addition to) the members of
system:administrators to release volumes. I just haven't figured out
what is a clear, clean, configuration mechanism. I thought it might
make sense to permit anyone with write permissions on the root
directory to perform releases on that volume (to existing sites only,
not to create new sites). The premise being that if you can write to
the root directory, you can pretty much change anything in the volume
anyway. Cons? I'm really looking for someone to say "that's a bad
idea because..."
Lyle.
Disclaimer: this note does not consitute a warranty, implied or otherwise.
