Gary Winiger wrote:
> I'm sponsoring this Fast Track for Jim Hughes.
Can you clear up a usage-model confusion for me?
In "sudo land", I'm used to a model where
I'm just "me" until I wish to increase my abilities, at
which point I sudo to enable my superpowers. When I'm
done playing god, (and stop using sudo) those powers go
away.
in "RBAC land", the model seems to be
I'm never just me, I always have some set of superpowers
that I can never turn off, so I always need to be more
careful about consequences and side effects.
Am I misunderstanding things? If so, you can probably ignore
the rest (except maybe for humor value).
Just as someone invented sheaths for knives, because people
don't always need to walk around armed to the teeth, the
"sudo world" doesn't require everyone to walk around with
a loaded "rm *" command :-)
This proposal, if applied to my home system, would seem to
effectively make logging in as "plocher" be the same as
logging in as "root" - and is something I'm not sure I want.
What I do want is to be able, as "plocher", to say "I want
to explicitly do `foo` now, but not necessarily at any other
time without additional future confirmation being required".
-John
