Garrett D'Amore wrote:
> Man pages in the case directory indicate that Primary Administrator 
> (root) is required to run these commands.  Why?  It seems like these 
> commands only access information which should be considered public, so 
> that anyone can run them.  I realize that there is an issue of accessing 
> the underlying device nodes, but perhaps RBAC can be used to make these 
> commands available to anyone?  (Or perhaps the underlying device node 
> can be provided in "safe, read-only" type of mode?)

I'll ask a more specific question.

Exactly what privileges do these commands need to run with to gather the 
information they need.

"Primary Administrator" should never be documented in a man page.  If 
the command really needs all privileges because that is what the device 
node requires then that is what we document.

-- 
Darren J Moffat

Reply via email to