Nicolas Williams wrote:
> You did misunderstand RBAC.
> In RBAC land pfexec is the equivalent of sudo.
From Jim's mail, there seems to be an additional
except for role-aware applications, for which you are
always [an audited] god.
My fear is ending up in a world where more and more things
are role-aware and we set up the user environment [for the
first defined user?] such that they are forced to be a full
time demigod, rather than having to duck into a phone booth
first.
As Gary said, this topic is out of scope for this case,
though it may be for a hypothetical future "make root nologin"
case.
Since there is "more work to be done" to make root=nologin,
I question the advisability of granting the last point:
> 3) ask permission to make the root account a nologin
> account in a future Major release. As has been
> pointed out, there are various other projects that
> making the root account a nologin account is dependent
> upon.
I'd rather see a future case (umbrella?) that does this as a
simple explicit step that shows all the t's and i's dotted
and crossed.
-John
