Matthew Jacob writes: > sg3 (not SCSI-3) is indeed a grab bag. Doug Gilbert has grown it over > the years and it's been darned useful.<br>
I wasn't questioning the utility of it at all. I can see that it's quite powerful and useful. > Why not indeed? However, at the risk of derailing this discussion, I'd > like to point out that the import of a package that users are used to > using elsewhere will solve problems in N-P complete time as opposed to > waiting for things to be fixed which certainly won't happen in the same > geologic time frame.<br> I can't tell whether a nondeterministic machine could solve those problems in polynomial time, or for that matter whether there are perhaps other utilities that solve the same problem, but I guess that's beside the point. What we're asking here is how the delivered features themselves are properly integrated with the rest of the existing Solaris features, notably Least Privilege and RBAC. If the answer is that they're just not integrated because that's ETOOHARD (which is what I *think* you're asserting), then perhaps architectural review is itself too hard. The safest and simplest thing by far to do would be to deliver them with no RBAC profile at all -- that is, simply fail to integrate with Solaris, and force the user to figure it out. That way, you wouldn't be accidentally granting access to harmful things (things that can cause privilege escalation) through an existing profile. That'd work, but the result over time of many projects doing this is that Solaris itself becomes incomplete: more and more things skip RBAC, omit auditing, and opt for init.d scripts rather than SMF. Eventually, we wind up with a trash pile of incomplete features. I guess I don't know whether we care about that. I would suggest that Darren and Gary do, which is why they spoke up. It's not to slow down a project or make it "geologic," but to find out what makes it complete. > I'm playing dumb user in this paragraph. If I, as a user of OpenSolaris > (which seems to be tuned towards user/developers, not restricted > users), plug in a device to my machine, I expect reasonable permissions > *or* automated to tools to use that device. Therefore, whatever > permissions framework allows me to use this package of tools seems > reasonable to expect.<br> We're talking about privileges granted to a process, not how permissions on a device are set. They're different issues. -- James Carlson, Solaris Networking <james.d.carlson at sun.com> Sun Microsystems / 35 Network Drive 71.232W Vox +1 781 442 2084 MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
