James Falkner wrote:
> I'm not sure what you're suggesting as far as this proposal, but using zones
> or changing the zones implementation to provide an even lighter weight zone
> than a sparse zone, in order to allow non-root users to install mozilla or
> vim, still sounds like the wrong tool for the wrong job.

What's more, the latest builds have an even lighter weight type of Zone. One that doesn't suffer from the "need another IP address" problem. This is the type of zone that is used when running the MAC labeling, i.e. Trusted Extensions.

To all the people that keep suggesting Zones as a way to fix this: it doesn't, it solves a different problem. Please trust us on this one even if you can't yet see it for yourself. Zones is so much more than just a separate install area. Programs in two different zones can't talk to each other. Sometimes this is what you want and it is called Mandatory Access Control (or labeling) and this is what Trusted Extensions provides. This project, on the other hand, is solving a completely different problem.

> We have the ability to provide coarse-grained packaging management rights to
> users (i.e. you can manage all packages, or none). Finer-grained access
> control for managing individual packages sounds great, but still requires
> admin intervention, and the number of possible scenarios with issues
> would grow quickly. For example, if a patch crosses between two different
> sub-administrators, who is allowed to install the patch?

Also, if the package has any scripts or setuid binaries in it or needs to modify any root-owned object (e.g. a config file etc.) this can't work because it means you need to run with all privilege.

--
Darren J Moffat
